No exploitations have been observed in the wild as of yet, according to the company’s European site, but owners should scan for indicators of compromise given that the bugs have been publicly known but unpatched for months.

Beyond the obvious step of updating to the latest firmware, Canon is advising its customers to “set a private IP address for the products and create a network environment with a firewall or wired/Wi-Fi router that can restrict network access.”

  • agent_flounder@lemmy.world
    link
    fedilink
    English
    arrow-up
    4
    ·
    9 months ago

    set a private IP address for the products and create a network environment with a firewall or wired/Wi-Fi router that can restrict network access.

    Ah yes, so simple a child could do it.

    Good thing citizens are all well versed in networking and cyber security.

    If only there were vast profits in writing secure code maybe we wouldn’t see the same thing over and over again.

    • ItsAFake
      link
      fedilink
      English
      arrow-up
      2
      ·
      9 months ago

      Just so our job for us so we don’t have to code a fix.

    • IllNess@infosec.pubOP
      link
      fedilink
      English
      arrow-up
      1
      ·
      9 months ago

      How much would it cost to merge and test operating systems?

      I’m pretty sure it can’t be more than the potential damages these devices can do…

      • agent_flounder@lemmy.world
        link
        fedilink
        English
        arrow-up
        2
        ·
        9 months ago

        Canon doesn’t have to pay for hacked devices, though. And it costs money to develop and maintain a secure coding program. Companies want to cut costs not improve quality. And so here we are.

      • agent_flounder@lemmy.world
        link
        fedilink
        English
        arrow-up
        1
        ·
        edit-2
        9 months ago

        You and I know that, and IT people know that as you say, but to grandma that is a foreign language.

        I just found the wording amusing imagining some people I know trying to parse it.

        PS: and also wanted to bitch about companies churning out buggy shit. :)