Please be advised that recently discovered fax protocol vulnerabilities can transform fax machines into network entry points. This attack is carried out over phone lines rather than internet connections, and the only thing an attacker needs is a fax number. Because this exploit is carried out via phone lines, no security software can be used to prevent Faxploit.
Specifically, Faxploit leverages two buffer overflows in fax protocol components that handle DHT and COM markers: CVE-2018-5924 and CVE-2018-5925. Once these are exploited, attackers could infiltrate internal networks and do a number of things, including stealing printed documents or mining bitcoin.
The following video offers a demonstration of how this attack type works. https://youtu.be/1VDZTjngNqs
Network segmentation, including isolating fax machines on their own subnetworks, would limit the type of data an attacker can gain access to via this attack.
To prevent Faxploit attacks:
Apply patches regularly to individual fax machines and to all-in-one office printers, which have embedded fax machines. HP Faxploit patches for Officejet all-in-one printers can be found here.
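The kind of length validation whose absence leads to buffer overflows when handling DHT and COM markers, shown as an added example that is not HP firmware code and not taken from the advisory. It assumes these are the JPEG segment markers of those names with the standard layout (a two-byte big-endian length that counts itself; a DHT table of one class/id byte, 16 count bytes, then that many symbols); the function names, buffer sizes and sample bytes are hypothetical and constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define COM_BUF_SIZE 64      /* hypothetical fixed-size comment buffer */
#define DHT_MAX_SYMBOLS 256  /* a Huffman table holds at most 256 symbols */

/* Segment = marker (2 bytes) + big-endian length (2 bytes, counts itself) + payload. */
static int payload_len(const uint8_t *seg, size_t avail, uint8_t id, size_t *n) {
    if (avail < 4 || seg[0] != 0xFF || seg[1] != id) return -1;
    size_t len = ((size_t)seg[2] << 8) | seg[3];
    if (len < 2 || len + 2 > avail) return -1;  /* length field exceeds received data */
    *n = len - 2;
    return 0;
}

/* COM (0xFFFE): copy the comment only if it fits; returns bytes copied or -1. */
long copy_com(const uint8_t *seg, size_t avail, uint8_t out[COM_BUF_SIZE]) {
    size_t n;
    if (payload_len(seg, avail, 0xFE, &n) != 0 || n > COM_BUF_SIZE) return -1;
    memcpy(out, seg + 4, n);
    return (long)n;
}

/* DHT (0xFFC4), first table only. The symbol count is the sum of 16 sender-controlled
   bytes (up to 16 * 255), so bound it by the destination and by the payload. */
long copy_dht_symbols(const uint8_t *seg, size_t avail, uint8_t out[DHT_MAX_SYMBOLS]) {
    size_t n, total = 0;
    if (payload_len(seg, avail, 0xC4, &n) != 0 || n < 17) return -1;
    for (int i = 0; i < 16; i++) total += seg[5 + i];
    if (total > DHT_MAX_SYMBOLS || 17 + total > n) return -1;
    memcpy(out, seg + 21, total);
    return (long)total;
}

/* Constructed samples, not captured fax data. */
static const uint8_t COM_OK[] = {0xFF, 0xFE, 0x00, 0x05, 'f', 'a', 'x'};
static const uint8_t COM_LONG[104] = {0xFF, 0xFE, 0x00, 0x66};  /* 100-byte payload */
static const uint8_t DHT_OK[] = {0xFF, 0xC4, 0x00, 0x16, 0x00, 0,2,1,0,0,0,0,0,0,0,0,0,0,0,0,0, 4, 5, 6};
static const uint8_t DHT_SUM[] = {0xFF, 0xC4, 0x00, 0x13, 0x00, 255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,255};
static uint8_t com_buf[COM_BUF_SIZE], dht_buf[DHT_MAX_SYMBOLS];

int main(void) {
    printf("COM ok=%ld oversized=%ld\n", copy_com(COM_OK, sizeof COM_OK, com_buf), copy_com(COM_LONG, sizeof COM_LONG, com_buf));
    printf("DHT ok=%ld oversized=%ld\n", copy_dht_symbols(DHT_OK, sizeof DHT_OK, dht_buf), copy_dht_symbols(DHT_SUM, sizeof DHT_SUM, dht_buf));
    return 0;
}
```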
Please be advised of the following scams:
- Live callers purporting to be from a Chinese Consulate office saying that you have a package to be picked up at a Chinese Consulate office or that you need to supply information they request to avoid being in trouble. Typically, these callers will ask for your bank or credit card information or request a bank transfer.
- Chinese-language robocalls delivering messages about:
– a package waiting for you at the Chinese Consulate, or trouble with Chinese officials.
– how to lower your credit card rates or buy inexpensive health insurance. If you express interest, you will be transferred to a live person who will attempt to obtain your banking or credit card information.
Please also be advised that scammers may be using caller ID spoofing, which means that calls may appear to come from a phone number you recognize or from the actual phone number of your local Chinese Consulate. In addition to phoning, scammers may also try to contact you via a social media platform.
The Chinese Consulate General in New York has posted alerts on their website about these phone scams. The Chinese Consulate states that it will never request personal or sensitive information, request a parcel pick-up, or ask you to answer police department inquiries.
- If in doubt of the legitimacy of any call, verify by contacting the organization/business via a phone number independently obtained.
- Never provide payment or personal information to any caller. Confirm the legitimacy of any such calls by contacting the organization/business via a phone number independently obtained.
- Scammers may pretend to be officials from government agencies, such as the IRS, and they may threaten arrest or offer a prize or payment. They will likely seek some type of payment or sensitive information from you. For more information on these types of scams, please see the FTC webpage on Government Imposter Scams.
- For additional recommendations and information on how to report robocalls, please see the following Connect article, Learn to Spot a Phony; Detecting and Avoiding Phone Scams.
Due to multiple vulnerabilities in Google Chrome, users are being advised to update their Chrome browser as soon as possible. Affected versions are those prior to 68.0.3440.75. For more information on these vulnerabilities, please see: https://www.cisecurity.org/advisory/multiple-vulnerabilities-in-google-chrome-could-allow-for-arbitrary-code-execution_2018-084/.
To manually update Google Chrome:
- Open Google Chrome
- Click Chrome, About Google Chrome
- You will see the current version of Google Chrome running. Click Relaunch to apply any available update.