That’s according to HP’s chief technologist for printer security Shivaun Albright. The company is calling this the first printer-focused bug bounty program in the industry, and it was launched in partnership with crowdsourced security platform Bugcrowd. The program is also eventually going to include HP desktops.

HP has thrown down the gauntlet with a challenge to hackers: Try and poke holes in our printer software, and we'll give you $10,000. It's the first bug bounty to emerge from the hardware maker. Power Plant Performance By Gill Pdf Printer.

Per, participating hackers have been told for now to give particular attention to firmware-level vulnerabilities, including remote code execution, cross-site request forgery and cross-site scripting bugs. “As we navigate an increasingly complex world of cyber threats, it’s paramount that industry leaders leverage every resource possible to deliver trusted, resilient security from the firmware up,” Albright told the publication. Using A Script To Install Printers Remotely. “HP is committed to engineering the most secure printers in the world.” Hackers chosen to participate in the program can remotely chip away at 15 printers in HP’s offices. One reason the company is starting with printers is because there’s a general understanding of the fragility of Internet of things devices when it comes to security — encompassing things like web cameras and smart TVs — but that same focus doesn’t always seem to extend to printers. Even though it’s one of the most common pieces of computing hardware and certainly one of the most ubiquitous Internet of Things devices out there. Not only do printers get too overlooked.

It’s also worth remembering they were part of the mix of co-opted Internet of Things devices the Mirai botnet attacked in 2016 and temporarily knocked sites like Twitter and Reddit offline. Last year, a team of German researchers studied 20 printers from leading manufacturers like HP and Dell and found that every single one of them had at least one security flaw that could be exploited, such as holes that could provide an entry door into the rest of an organization’s network. The stakes certainly keep rising. According to Bugcrowd’s, the past year has seen a 21 spike in endpoint vulnerabilities reported, as well as a 36 percent increase in total bug bounty payouts.

Canon 550ex User Manual Pdf there. Under the terms of HP’s bug bounty program, $10,000 is the maximum payout. It starts at $500 and goes up from there. “We’re challenging researchers to search for obscure defects that could be used against our customers,” an HP spokesman told.

In partnership with bug bounty platform Bugcrowd, HP says it is the 'only vendor' to launch a printer-only vulnerability disclosure scheme. Under the terms of the program, researchers can earn between $500 and $10,000 per legitimate find. Speaking to ZDNet, an HP spokesperson said: 'We're challenging researchers to search for obscure defects that could be used against our customers. We're providing researchers with remote access to a set of Enterprise Multifunction printers and invited researchers to focus on the potential for malicious actions at the firmware level including CSRF, RCE, and XSS.'