San Antonio, TX – January 9, 2012 – Digital Defense, Inc. (DDI), a leading provider of managed cloud-based security assessments, announced the organization’s identification of a vulnerability within the embedded web server on the HP JetDirect Printer. This flaw could allow an attacker to see files that have been recently printed, capture credentials from the system, or conduct other malicious acts. DDI immediately notified HP of the finding.
This is DDI’s third vulnerability disclosure in recent months, including those within widely used applications including the IBM® WebSphere® Application Server and the KnowledgeTree™ Online Document Management System.
“Our proprietary scanning technology, NIRV (Network Interrogator Reconnaissance Vehicle), coupled with Digital Defense’s cloud-based vulnerability management platform, offers our researchers powerful intelligence, resulting in our ability to detect potential zero-day security issues”, stated Larry Hurtado, president and CEO.
Tom DeSot, Chief Information Officer added, “The security of our clients is the first priority when a vulnerability is recognized. We employ a process that includes rapid communication of the new vulnerability to our clients and ultimately the global Internet community. This process ensures companies everywhere are aware of the issue and can take the appropriate measures to protect their networks and sensitive information.”
DDI is currently collaborating with HP on the matter and will post more information regarding the issue to the DDI Labs Blog as it becomes available.