Posts

Posted on

Running one of Western Digitals My-cloud products? -read this… and update your firmware.

1 Comment

Running one of Western Digitals My-cloud products? -read this… and update your firmware.

Affected My Cloud Firmware Versions and Models

Western Digital’s My Cloud and My Cloud Mirror firmware version 2.30.165 and earlier are affected by all above-reported vulnerabilities.

Affected device models include My Cloud Gen 2, My Cloud PR2100, My Cloud PR4100, My Cloud EX2 Ultra, My Cloud EX2, My Cloud EX4, My Cloud EX2100, My Cloud EX4100, My Cloud DL2100 and My Cloud DL4100.

Metasploit modules for all the vulnerabilities have been released online.

#westerndigital #mycloud #security

Originally shared by The Hacker News

βœ“ Unrestricted File Upload (Shell as Root)

βœ“ Secret Hardcoded Root Backdoor Account

βœ“ CSRF, Command Injection, DoS

βœ“ NOT PATCHED Even 6 Months After Reporting

https://thehackernews.com/2018/01/western-digital-mycloud.html
Posted on

#spectre

Leave a comment

#spectre

Originally shared by John Skeats

Protect Yourself from the Spectre Vulnerability in Chrome

The Spectre vulnerability presents an extremely serious security risk, and it affects essentially all devices in use today. The good news is that there is a simple change you can make in Chrome that will ensure that personal information from Chrome is protected from any exploiters of Spectre. All you need to do is a Chrome option called “Site Isolation Protection,” and you’ll be all set. Simply go to chrome://flags/#enable-site-per-process, click enable on the Strict site isolation option, restart Chrome — and your activity in Chrome will be completely protected. Not only is it easy, Google says the performance loss for Chrome should be negligible!

http://mashable.com/2018/01/04/google-chrome-spectre-precaution-meltdown/#Z1S._m1_hSqq