Collaborate Disseminate
Western Digital expanded its portfolio of data storage devices purpose-built for the surveillance market, introducing three new offerings: the industrial-grade 3D NAND UFS embedded flash drive (EFD) for surveillance; an expanded WD Purple microSD card … Continue reading Western Digital expands surveillance storage and analytics portfolio
Western Digital has failed to patch a serious security vulnerability in its MyCloud NAS drives that it was told about more than a year ago, researchers have alleged. Continue reading Western Digital goes quiet on unpatched MyCloud flaw
Security researchers have discovered an authentication bypass vulnerability in Western Digital’s My Cloud NAS devices that potentially allows an unauthenticated attacker to gain admin-level control to the affected devices.
Western Digital’s My Cloud (… Continue reading Western Digital’s My Cloud NAS Devices Turn Out to Be Easily Hacked
Attack uses ultrasonic sound waves to disrupt HHD read/write operations, which could lead to a system crash. Continue reading Sonic Tone Attacks Damage Hard Disk Drives, Crashes OS
Two new WD My Cloud vulnerabilities have been identified, adding to last month’s bevy of security bugs. Continue reading New Western Digital My Cloud Bugs Give Local Attackers Root on NAS Devices
How handy!
Oh, it turns out you’re not the only one who can use it to log into your personal files remotely… Damn.
Continue reading Locked out? Don’t worry, here’s the hardcoded password for your WD My Cloud NAS device
A number of My Cloud network-attached storage devices from Western Digital, including some models used by businesses, were found to contain an undocumented account that could allow attackers to take over the devices. The exact same account with the sam… Continue reading D-Link NAS Backdoor Found Years Later in Western Digital My Cloud Boxes
Owners of Western Digital My Cloud should make sure they’ve downloaded the most recent security patches after a hard-coded backdoor was recently discovered on the product. Researcher James Bercegay discovered and disclosed last Wednesday a username and password that gives users admin privileges to a dozen Western Digital models. He urges users to upgrade firmware to version 2.30.174. The problems were reported to Western Digital last year and a patch has since removed the back door. The more fundamental question — why was there a backdoor in the first place? — remains unanswered by the company despite repeated inquiries from CyberScoop. “This is a classic backdoor,” Bercegay wrote in a blog post outlining the problems with also included pre-authenticated remote root code execution essentially allowing complete takeover of the device. “The triviality of exploiting this issues makes it very dangerous, and even wormable,” the researcher wrote. “Not only that, but users locked to a LAN […]
The post Western Digital removes hard-coded backdoor from personal cloud drives appeared first on Cyberscoop.
Continue reading Western Digital removes hard-coded backdoor from personal cloud drives
Western Digital network attached storage (NAS) devices have been found vulnerable to remote exploitation that would allow bad actors to download your private files at will. Security researcher James Bercegay reveals in an advisory that an array of R… Continue reading Researcher finds hardcoded backdoor in Western Digital storage devices
Security researchers have discovered several severe vulnerabilities and a secret hard-coded backdoor in Western Digital’s My Cloud NAS devices that could allow remote attackers to gain unrestricted root access to the device.
Western Digital’s My Cloud… Continue reading Critical Unpatched Flaws Disclosed In Western Digital ‘My Cloud’ Storage Devices