A few years back the D-Link DNS-320L NAS device made headlines thanks to the discovery of a hardwired user and password present which allowed anyone access to your device. Western Digital seems to have completely ignored that previous furor as it turns out they reused that same firmware, without the update D-Link provided years back, on a number of My Cloud devices. As of now, if you are running any of the devices listed by The Register here with a firmware version below 4.x you are exposed. If you can't find newer firmware, which may well be the case, you can use D-Link's 2.30.174 firmware patch on your My Cloud; as always back up anything you don't want to lose before doing a firmware update.
"If you have a Western Digital My Cloud network attached storage device, it's time to learn how to update its OS because researcher James Bercegay has discovered a dozen models possess a hard-coded backdoor."
Here is some more Tech News from around the web:
- AMD CES 2018 Announcement Roundup @ [H]ard|OCP
- CES 2018 : The Acer Nitro 5 2018 Gaming Laptop @ TechARP
- Intel's eighth-gen Core processors with Radeon RX Vega M graphics @ The Tech Report
- CES 2018 : New Acer Swift 7 + Spin 3 Laptops @ TechARP
- Security hole in AMD CPUs' hidden secure processor code revealed ahead of patches @ The Register
- Qualcomm joins Intel, Apple, Arm, AMD in confirming its CPUs suffer hack bugs, too @ The Register
- Microsoft Halts Bitcoin Transactions Because It's An 'Unstable Currency' @ Slashdot
- EUV Lithography Finally Ready for Chip Manufacturing @ IEEE Spectrum
- EWin Champion Series Ergonomic Computer Gaming Chair Review @ OCC
While CES rages on in the
While CES rages on in the background that Meltdown/Spectre business needs to be watched and please feel free to delete this Post after you do a quick write-up on this issue below. There have been some systems borked by some patches and Woody’s Defcon advice may be good advice to wait and see before patching too early and getting a little Blue Screen of Unhappiness.
“More stuff broken amid Microsoft’s efforts to fix Meltdown/Spectre vulns”
I actually get the meme you
I actually get the meme you used there…