Online:
Visits:
Stories:
Profile image
By goldenmean (Reporter)
Contributor profile | More stories
Story Views

Now:
Last Hour:
Last 24 Hours:
Total:

Warning! Seagate Wireless Hard Drives Have a Secret Backdoor for Hackers

Monday, September 7, 2015 10:57
% of readers think this story is Fact. Add your two cents.

(Before It's News)

This post was originally published on this site

Seagate Wireless Hard Drives Have a Secret Backdoor for Hackers
Several of Seagate’s 3rd generation Wireless Hard drives have a secret backdoor for hackers that puts users’ data at risk.
A Recent study done by the security researchers at Tangible Security firm disclosed an “undocumented Telnet services” with a hard-coded password in Seagate Wireless Hard Drives.
The secret Telnet Vulnerability (CVE-2015-2874) with an inbuilt user account (default username and password — “root”) allows an attacker to access the device remotely, left users data vulnerable to theft.
According to US-CERT (Computer Emergency and Response Team) public advisory, multiple models of Seagate hard drives contain multiple vulnerabilities.

Affected devices are:
  • Seagate Wireless Plus Mobile Storage
  • Seagate Wireless Mobile Storage (Wirelessly streaming your tablet and smartphone’s data)
  • LaCie FUEL (Wirelessly extending storage for iPads)
The violation that an attacker can activate is, they can gain root access to the device and access the stored data by sitting somewhere at a remote location.
The nature of vulnerabilities are:
  • Use of Hard-coded Credentials
  • Direct Request (‘Forced Browsing’)
  • Unrestricted Upload of File with Dangerous Type
The Security Advisory also mentions other vulnerabilities that could allow an attacker to directly download files from anywhere on the file system.
Fortunately, there’s an easy fix. Seagate recommended its affected customers to update the device firmware to version 3.4.1.105 to address these issues.

About the author

Researcher and Technical Writer at The Hacker News. An Information Security Consultant and System Auditor, a keen Security Evangelist for all forms of Cyber Security and Denotational Counter Hack Requirements of the Industry, Academia and Society.



The Hacker News

Subscribe for Updates

Want more Interesting News like this? Sign up here to receive the best of ‘The Hacker News’ delivered daily straight to your inbox.

Latest Stories

The post Warning! Seagate Wireless Hard Drives Have a Secret Backdoor for Hackers appeared first on Middle East Post.



Source: http://middleastpost.com/warning-seagate-wireless-hard-drives-have-a-secret-backdoor-for-hackers/

Report abuse

Comments

Your Comments
Question   Razz  Sad   Evil  Exclaim  Smile  Redface  Biggrin  Surprised  Eek   Confused   Cool  LOL   Mad   Twisted  Rolleyes   Wink  Idea  Arrow  Neutral  Cry   Mr. Green

Top Stories
Recent Stories
 

Featured

 

Top Global

 

Top Alternative

 

Register

Newsletter

Email this story
Email this story

If you really want to ban this commenter, please write down the reason:

If you really want to disable all recommended stories, click on OK button. After that, you will be redirect to your options page.