via E-Commerce Times
An Apple App Store developer has been shown the door for allegedly scamming the system in order to propel his applications to the top of the store’s “Books” category. The operation may have also involved fraudulent charges placed on the accounts of hundreds of iTunes customers. Apple said iTunes’ main servers, where millions of customers’ credit card numbers are stored, were not compromised.
Security experts will tell you that cybercriminals like to hit online operations with large numbers of users. So it shouldn’t be surprising that an unscrupulous individual has apparently been caught lurking in the heavily trafficked Apple (Nasdaq: AAPL) iTunes App Store.
Clues that something was amiss in the App Store surfaced over the weekend when apps by a particular developer — with very few customer reviews or ratings — captured 42 of the top 50 spots in the App Store’s “Books” category. There were also reports of some App Store customers seeing hundreds of dollars in unauthorized charges to their accounts for the purchase of some of these apps. …
Hack a printer you say, what kind of toner have you been smoking, Irongeek? Well, I’m here to tell you, there’s more that can be done with a printer to compromise network security than one might realize. In the olden days a printer may not have been much of a concern other than the threat from folks dumpster diving for hard copies of the documents that were printed from it, but many modern printers come network aware with embedded Operating Systems, storage and full IP stacks. This article will attempt to point out some of the more interesting things that can be done with a network based printer to make it reveal information about its users, owners and the network it’s part of.
Some of this article may seem a little Black-hat as it concentrates more on the breaking-in than the keeping-out. However I feel this information will be useful to system administrators and auditors so that they know what sorts of things to look out for when it comes to network printers. If you want more advice on how to lock down your network printer visit your vendors web site. A guide from HP is linked at the bottom of this article for your convenience. If nothing else, this article may get you thinking in the right direction.
For my tests I will mostly be using a Hewlett-Packard LaserJet 4100 MFP (Fax/Printer/Copier/Scanner), an HP JetDirect 170x and a HP JetDirect 300X (J3263A) but I will also touch a bit on the Ricoh Savin series of printers lest you think HPs are the only network printers with security problems.
Much of this article will read like a huge brain dump, sort of disorganized and hazy like my mind. It all started as a project for Droop’s Infonomicon TV and it snowballed from there with no specific direction. Bear with me as I clean it up and other folks send me new additions and suggestions to make this article more useful.
The most recent version of this article can be found at: http://www.irongeek.com/i.php?page=security