Lexmark | October 13, 2023
Lexmark has been named a Leader in the IDC MarketScape: Worldwide Print Transformation 2023 Assessment
IoT solutions like Optra Edge and Optra IoT Platform, allows Lexmark to deliver business value in diverse markets
Strategically targeting customers in banking, retail, manufacturing, and federal agencies, enables the company to harness IoT
Lexmark, the global imaging and IoT solutions leader, has been recognized as a Leader in the 'IDC MarketScape: Worldwide Print Transformation 2023 Assessment.' This recognition highlights Lexmark's commitment to leveraging device data analytics expertise for IoT solutions.
Lexmark operates globally and is known for its strong presence in various sectors, including the top global banks, retailers, pharmacy chains, manufacturers, and federal agencies. These markets include manufacturing quality control, connected products, transportation operations, and retail. Its success is attributed to its device data analytics experience, which led to the development of IoT solutions like Optra Edge and Optra IoT Platform. By harnessing data and analytics, Lexmark has evolved its transformation strategy to drive positive business outcomes for customers.
Lexmark has a history of recognition in IDC MarketScape reports, including managed print and document services/document workflow services, Worldwide Security Solutions and Services Hardcopy, highlighting their consistent leadership in the industry. This recognition by IDC reflects Lexmark's continuous commitment to emerging technologies and its ability to deliver value to customers by applying its technological expertise to address unique challenges in imaging and beyond.
Lexmark President and CEO, Allen Waugerman, remarked,
We are honored to again receive this IDC MarketScape recognition, which recognizes our early commitment to emerging technologies that enables us to deliver more value to customers in existing and new markets. Lexmark's designation as a Leader by IDC reflects our long-standing vertical market approach, enabling us to apply our technological expertise and address each customer's unique challenges in imaging and beyond.
[Source: Cision PR Newswire]
According to the report, Lexmark's transformation strategy evolved from the company's managed print services go-to-market strategy, referring to its device data analytics expertise. These same principles are applied to the company's adjacent entry into IoT solutions with data analytics, Optra Edge and Optra IoT platform. Also, Lexmark targeted industry opportunities where the company has an existing strong presence and knowledge as its existing customer base includes seven of the top 10 global banks, nine of the top 10 global retailers, eight of the top 10 global manufacturers, all top 10 U.S. retail pharmacy chains, and seven of the top 10 U.S. federal agencies.
The company's strength lies in its transformative approach, incorporating data analytics into IoT solutions, targeting industry opportunities where they have a strong presence, and defining clear avenues of growth in existing customers, expanded vertical and geographic targets, and new go-to-market channels.
Amazon | September 25, 2023
Amazon launched Echo Hub, a smart home control panel with support for over 140,000 IoT devices
It detects when a person is around and accordingly shifts its display
With an eight-inch display, it features voice control through Alexa
Amazon is set to provide a solution to simplify and streamline the management of multiple IoT devices
Amazon has introduced the Echo Hub, a sleek, smart home control panel featuring an eight-inch display and compatibility with over 140,000 IoT devices. Priced at $180, this hub offers voice control via Alexa and utilizes infrared technology. Notably, it automatically adjusts its display when someone approaches, simplifying smart home management.
This product is designed for use in smart homes, allowing users to centralize control of their IoT devices. The Echo Hub can be mounted on a wall or placed on a flat surface using an optional stand. It incorporates Alexa for voice control and supports infrared technology for added convenience. The device is also compatible with Sidewalk, Bluetooth, Thread, Zigbee and Matter, making it versatile for various smart devices.
Equipped with Infrared technology, it is a rare brand product with a slim design. Together with Amazon's third-party support, this factor makes the newly launched Echo Hub an ideal control panel for smart homes. The growing popularity of smart home management solutions has intensified competition within the market. Amazon, for instance, is set to introduce its Echo Hub later this year, which includes a Power over Ethernet (PoE) adapter. However, this expanding landscape also ushers in increased options for consumers. Recently, Home Assistant unveiled its budget-friendly Home Assistant Green, a plug-and-play smart home management device priced at $99.
As tech giants like Amazon enter the fray, consumers soon find themselves spoiled for choice. Nevertheless, this abundance of options may also pose a challenge as consumers navigate various products to address a common concern. While it is positive that smart home manufacturers are acknowledging the issue, developers must remain cautious about oversaturation. It is crucial to remember that consumers are discerning enough to recognize redundancy and may choose to retain their funds rather than make unnecessary purchases.
As the smart home market continues to grow, Amazon aims to provide a solution to streamline the management of multiple IoT devices. Amazon has introduced the Echo Hub as part of its smart home product lineup. It offers convenience and compatibility with various smart home products. Users interested in centralizing the control of their smart devices may find this product appealing.
Cisco | September 14, 2023
Cisco disclosed eight vulnerabilities in the OAS platform’s engine configuration management functionality.
Three of the eight detected vulnerabilities were rated as high-severity.
The issues detected in OAS platform v18.00.0072 were addressed and, v19 was released.
Cisco's Talos security researchers have identified eight vulnerabilities in the Open Automation Software (OAS) Platform that can be exploited to bypass authentication, disclose sensitive information, and overwrite files. The OAS Platform is commonly used to facilitate communication and data transfer between servers, industrial control systems (ICS), IoT devices, and other hardware in industrial and enterprise settings.
The OAS Platform is widely deployed in industrial operations, enterprise environments, and cross-platform integrations. It plays a crucial role in facilitating communication and data exchange across various devices and systems, facilitating logging and notifications. The vulnerabilities pose a significant security risk, especially in environments where the OAS Platform is used for critical industrial and enterprise operations. Unauthorized access and data breaches can lead to operational disruptions and potentially compromise sensitive information.
Among the eight vulnerabilities, three are rated as high-severity. Cisco's Talos security researchers were responsible for discovering and disclosing these vulnerabilities. The most critical issues are CVE-2023-31242 and CVE-2023-34998, both of which are authentication bypass flaws. CVE-2023-31242 can be triggered through a sequence of requests, while CVE-2023-34998 can be exploited by sniffing network traffic. The identified vulnerabilities in the OAS Platform mainly revolve around authentication bypass, information disclosure, and file manipulation. Attackers could leverage these weaknesses to create new users, gain unauthorized access, decrypt sensitive information, and perform arbitrary file and directory actions.
These vulnerabilities essentially allow attackers to gain unauthorized access to the system by loading and saving configurations to a disk and installing them on other devices. The issues were identified in OAS Platform version 18 and have been addressed in the subsequent release, version 19.00.0000, highlighting the importance of keeping software up-to-date to mitigate security risks.
These issues stem from the fact that when the OAS engine is deployed, by default, no admin user is defined and no authentication is required to access functionality such as new user creation. Even if an admin user is created, the configuration must be stored prior to restarting the engine, or it will revert to its default state. An attacker can create a new user, save the changes, and thus gain access to the underlying system.
Also, the vulnerability enables an attacker to acquire a protobuf containing valid admin credentials and construct their own requests. The perpetrator could then again obtain access to the underlying system by utilizing the user creation and saving functionality. Cisco warns that these authentication bypass flaws could be combined with CVE-2023-34317, an improper input validation flaw in the user creation functionality, to gain access to the underlying system by adding ‘a user with the username field containing an SSH key.’
CVE-2023-34353 is another high-severity authentication bypass that allows an attacker to perform network snooping to acquire the protobuf containing admin credentials and then decrypt sensitive information. While two of the remaining vulnerabilities could result in information disclosure, the other two could be exploited to create or overwrite arbitrary files and create arbitrary directories.