Skip to main content
  1. Home
  2. Computing
  3. News

Earn up to $10,000 by squashing printer-based bugs in HP’s bounty program

By

HP is calling an “industry first” by launching a print security bug bounty program providing rewards up to $10,000. It’s backed by Bugcrowd, a crowdsourced security platform that manages bug bounties, vulnerability disclosures, and more. The program will focus on bugs related to printers, which can be an entry point for hackers.

“As we navigate an increasingly complex world of cyber threats, it’s paramount that industry leaders leverage every resource possible to deliver trusted, resilient security from the firmware up,” Shivaun Albright, HP’s Chief Technologist of Print Security, said in a statement. “HP is committed to engineering the most secure printers in the world.”

Recommended Videos

According to HP, researchers participating in the program will report their findings directly to Bugcrowd. HP will evaluate any vulnerability that was already unearthed by the company and may reward the researcher “as a good faith payment.” Bugcrowd will verify all submitted bugs and reward researchers according to the severity of the flaw.

Related

Why would hackers choose a printer as their attack vector? In the home or corporate environment, it can be connected directly to the local network and even shared across the internet. Even more, they could contain confidential data in memory as they print sensitive documents. In the case of 3D printers, hackers could steal prototype designs.

To make the problem more severe, the printer is typically the last device you’d think would be susceptible to hackers. Homes and corporation alike place the PC at the top of the security list, but flaws in printer software and firmware can enable hackers to access sensitive data stored in the printer – not in the PC – from another location on the network.

Hackers have various ways they can attack and even use a printer, such as installing a chip that can forward information to a remote location. They can bypass the authentication process that controls access to the device, modify the data residing in the printer’s memory, or create malware on a personal device that connects to the printer and gains access to the entire network.

“Multi-Function Printers can be hacked by concentrating on security problems from most of the brands,” reports Infosec. “In most printers, when we search the address (not technical) http://your-printers-ip:9100, it will not lead to any location, but it reads a print job. It gives a request for root document by https. This gives access to the LCD display, through which the attacker enters. This proves no need of any tools or code for access.”

That’s where HP’s new program comes in. Researchers can hunt down potential problems, have the vulnerabilities verified, and get rewarded for their effort. A report released by Bugcrowd claims that the firm saw more than 37,000 bug submissions over the past year, 69 percent of which were actually valid. That’s a 21 percent increase over the vulnerabilities discovered last year.

Unfortunately, HP and Bugcrowd aren’t pointing to an actual page where researchers can find more information. Instead, they point to HP’s Printer Device Security page where you can learn more about HP’s “secure” printer portfolio.

Editors' Recommendations

Topics
Kevin Parrish
Kevin Parrish
Former Digital Trends Contributor
Kevin started taking PCs apart in the 90s when Quake was on the way and his PC lacked the required components. Since then…
Best SSD deals: Samsung 990 Pro discounts
Samsung 990 PRO SSD over a dark background.

As recently as a decade ago, you would most likely be using HDDs for storage, which tend to be quite slow and take up an absolute tone of space, even the smaller form factor ones made for laptops. If you wanted something a bit more fancy, like a modern M.2 SSD, you'd be paying a huge premium even for smaller sizes like 256GB and 512GB. Luckily there have been huge leaps in technology and manufacturing, and these days you can get your hands on the best SSDs for a pretty good price. Not only does that mean that you can save space, but you can also load Windows and your applications a lot faster, something we expect to see in the best gaming PCs and gaming laptops. If you need a new SSD to upgrade a gaming rig, check out RAM deals and GPU deals as well. If you need something that can swap between multiple devices, you'll prefer checking out external hard drive deals.
Our favorite SSD deal

If you're looking for something that's top-of-the-line and won't break the bank, then the Samsung 990 PRO is probably the way to go. It has the newer PCIe 4.0 standard, which makes it a great PS5 SSD if you can get it a heatsink, and it has a read speed of 7450 Mbps and a write speed of 6900 Mbps, so it's lightning fast. The 2TB model here has been discounted down to just $190 from the original $250, so you're saving a pretty solid $60 in the process. There is a 1TB version that's cheaper if you don't think you need that much, as well as a 4TB model that's great for those who have a tendency to hoard data.

Read more
Best Surface Laptop and Surface Pro deals: From $523
Microsoft Surface Go 3 sitting on table.

While the MacBook Air has become synonymous with being a high-quality and lightweight laptop, it does mean that you'd have to be part of the Apple ecosystem. Luckily, there are some great alternatives out there, and Microsoft's Surface lineup is made specifically to compete with MacBook deals. While the Surface Pro 10 and Surface Laptop 6 aren't quite here yet, at least at the consumer level, you can still grab the latest models with some pretty great deals. That's why we've gone out and looked for our favorite Surface Laptop and Surface Pro deals and compiled them all here for you to save you the hassle, although if these don't quite do it for you, be sure to check out other great laptop deals and 2-in-1 laptop deals as well.
Microsoft Surface Go 3 -- $523, was $550

Functioning as a 2-in-1 laptop that can switch between tablet mode and laptop mode, the Microsoft Surface Go 3 won't have trouble dealing with basic tasks as it's equipped with the Intel Pentium Gold 6500Y processor and 8GB of RAM. The 10.5-inch touchscreen with 1920 x 1080 resolution is bright and colorful, and its 128GB SSD is more than enough for your documents. The Microsoft Surface Go 3 ships with Windows 11 Home in Mode, so you can start using it as soon as you unbox it. The device also promises up to 11 hours of battery life before requiring a recharge.

Read more
Best monitor deals: Gaming, office, curved, OLED and more
Dell UltraSharp 27 4K PremierColor Monitor

Whether you're grabbing yourself one of these desktop computer deals or just want to upgrade to a new monitor, you'll be happy to know that the market has really boomed in the past few years. Not only have monitors gotten cheaper, but they're also packed with more features and specs for the same price. Also, it's worth noting that even if you're running a laptop, connecting a second screen can be really handy for work or even gaming, so don't completely ignore these deals if you are using a laptop.

As such, now is a great time to pick a monitor up since even the best monitors have some sort of deal on them, including some standout Samsung monitor deals. These will pair well with gaming PC deals, especially the 4K monitors and ultrawide monitors near the bottom of this list.
Best monitor deals

Read more