Security News
Identity Management Day was created to spread awareness and educate business leaders, IT decision makers, and the general public about the importance of managing and securing digital identities. As the general public takes on a more intricate digital life, the way the security industry approaches protecting its assets is shifting.
Building in security intelligence needs to be part of these digital transformation discussions. What better time than right now for organizations to assess their security posture and inventory their assets? After all, good security implementations and security intelligence are critical for data transformation to occur.
Digital Transformation Phase 2: Increased Efficiency and Heightened Security Risk We may be compensated by vendors who appear on this page through methods such as affiliate links or sponsored partnerships. Digital transformation includes a variety of phases, and most organizations have been driving their digital transformations one step at a time.
Western Digital has fixed a critical severity vulnerability that enabled attackers to gain remote code execution with root privileges on unpatched My Cloud OS 5 devices. This flaw is an out-of-bounds heap read/write in the Samba vfs fruit VFS module.
Western Digital has fixed a critical severity vulnerability that enabled attackers to gain remote code execution with root privileges on unpatched My Cloud OS 5 devices. This flaw is an out-of-bounds heap read/write in the Samba vfs fruit VFS module.
Western Digital has released new My Cloud OS firmware to fix a vulnerability exploited by bug hunters during the Pwn2Own 2021 hacking competition to achieve remote code execution. The flaw, tracked as CVE-2022-23121, was exploited by the NCC Group's EDG team members and relied on the open-source service named "Netatalk Service" that was included in My Cloud OS. The vulnerability, which has a CVSS v3 severity score of 9.8, allows remote attackers to execute arbitrary code on the target device, in this case, WD PR4100 NAS, without requiring authentication.
Magnet Forensics announced the release of an IDC survey which revealed that more than half of the respondents are expecting to make major investments in digital forensics and incident response technology over the next two years to address growing cybersecurity threats. "The results of the survey are clear: Digital forensics is going to play a central role in helping enterprises protect their most valuable digital assets over the next several years," said Adam Belsher, CEO at Magnet Forensics.
DevOps - an all-encompassing term for automating and managing digital transformation - helps organizations succeed with digital transformation by shifting the cultural mindset of the business, breaking down silos and paving the way for continuous processes. Ensuring your organization's digital transformation and DevOps processes are secure.
Users of Western Digital's EdgeRover app for Windows and Mac are advised to download an updated version to avoid a security flaw that might allow an attacker unauthorized access to directories and files. According to Western Digital, the flaw meant that EdgeRover was subject to a directory traversal vulnerability, which may have allowed an attacker to carry out a local privilege escalation and bypass file system sandboxing.
Western Digital's EdgeRover desktop app for both Windows and Mac are vulnerable to local privilege escalation and sandboxing escape bugs that could allow the disclosure of sensitive information or denial of service attacks. EdgeRover is a centralized content management solution for Western Digital and SanDisk products, unifying multiple digital storage devices under a single management interface.