Your Seagate hard drive may be at risk for severe vulnerabilities

wireless seagate hard drives threatened by root password vulnerabilities plus hero right hi res 4975x4975 copy
As a warning to users of Seagate’s line of wireless hard drives, a group of researchers at Tangible Security has discovered a security hole in a few specific Seagate wireless drives.

The vulnerability, which can reportedly provide unauthorized users with root access to the drive, is said to activate undocumented Telnet services using a default username and password combo. Telnet, a simple command line procedure, actually allows attackers to log in to someone else’s computer over an Internet or local network connection.

Anyone who opts to exploit this flaw could, quite effortlessly, dictate your hard drive as their own, enabling them to steal files or even to deploy malicious attacks against other people’s computers from your hard drive. Especially concerning is that both the default username and password required for root access is simply the word ‘root,’ making the barrier of entry for aggressors distressingly low.

Another hole spotted by the research firm allegedly allows an unrestricted capability to download files when within the parameters of a device’s wireless network. This could prove detrimental in the case where the attacker is located nearby. And a third flaw permits attackers to upload any file they’d like to the affected wireless hard drive. This, of course, isn’t limited to potentially hazardous files used to brick the devices attached to the drive or even the drive itself.

Fortunately, Seagate has already issued a fix, with help from Tangible Security, to the susceptibility, which seems to have affected those with either a Seagate Wireless Plus Mobile Storage, Seagate Wireless Mobile Storage, or a LaCie Fuel purchased between now and October 2014.

On the downside, however, Tangible has reported that other Seagate products may also be afflicted by the flaw.

“With products from large vendors such as Seagate, there tend to be numerous product names for basically the same product under the same vendor’s name or another vendor,” writes the research firm. “Tangible Security cannot enumerate all of the named products as well as Seagate. Other named products may be affected.”

If you’re using a wireless Seagate hard drive donning either firmware version 2.2.0.005 or 2.3.0.014, Seagate has made available an update to version 3.4.1.105 that repairs these vulnerabilities. To check if your drive is at-risk, it’s recommended that you search for a firmware update using Seagate’s Download Finder. Make sure to do it soon, as Tangible Security claims that this uncompromising vulnerability has been active for at least a week now and is sure to become more infectious as time goes by without action taken.

Product Review

Ring Video Doorbell 2 is the simplest entry into a smarter doorway

The Ring Video Doorbell 2 may lack the style and sophistication of premium door-dingers, but few can match its simplicity and versatility. The device, available in both wired and wireless configurations, is easy to set up and adds instant…
Gaming

‘Fortnite’ security flaw let hackers spy on players through microphones

A security vulnerability found in Fortnite allowed hackers to gain access to other players' accounts, potentially letting them spy on conversations using the in-game microphone. It has been addressed.
Computing

How to share an external hard drive between Mac and Windows

Compatibility issues between Microsoft Windows and Apple MacOS may have diminished sharply over the years, but that doesn't mean they've completely disappeared. Here's how to make an external drive work between both operating systems.
Computing

Lost your router? Here's how to find its IP address to help track it down

Changing the login information for your router isn't always easy, that's why so many have that little card on the back. But in order to use it, you need to know where to go. Here's how to find the IP address of your router.
Computing

Don't spend a fortune on a PC. These are the best laptops under $300

Buying a laptop needn't mean spending a fortune. If you're just looking to browse the internet, answer emails, and watch Netflix, you can pick up a great laptop at a great price. These are the best laptops under $300.
Computing

Dell XPS 13 vs. Asus Zenbook 13: In battle of champions, who will be the victor?

The ZenBook 13 UX333 continues Asus's tradition of offering great budget-oriented 13-inch laptop offerings. Does this affordable machine offer enough value to compete with the excellent Dell XPS 13?
Product Review

LG Gram 14 proves 2-in-1 laptops don’t need to sacrifice battery for light weight

The LG Gram 14 2-in-1 aims to be very light for a laptop that converts to a tablet. And it is. But it doesn’t skimp on the battery, and so it lasts a very long time on a charge.
Gaming

Take a trip to a new virtual world with one of these awesome HTC Vive games

So you’re considering an HTC Vive, but don't know which games to get? Our list of 25 of the best HTC Vive games will help you out, whether you're into rhythm-based gaming, interstellar dogfights, or something else entirely.
Computing

The Asus ZenBook 13 offers more value and performance than Apple's MacBook Air

The Asus ZenBook 13 UX333 is the latest in that company's excellent "budget" laptop line, and it looks and feels better than ever. How does it compare to Apple's latest MacBook Air?
Computing

AMD Radeon VII will support DLSS-like upscaling developed by Microsoft

AMD's Radeon VII has shown promise with early tests of an open DLSS-like technology developed by Microsoft called DirectML. It would provide similar upscale features, but none of the locks on hardware choice.
Computing

You could be gaming on AMD’s Navi graphics card before the end of the summer

If you're waiting for a new graphics card from AMD that doesn't cost $700, you may have to wait for Navi. But that card may not be far away, with new rumors suggesting we could see a July launch.
Computing

Is AMD's Navi back on track for 2019? Here's everything you need to know

With a reported launch in 2019, AMD is focusing on the mid-range market with its next-generation Navi GPU. Billed as a successor to Polaris, Navi promises to deliver better performance to consoles, like Sony's PlayStation 5.
Computing

Cortana wants to be friends with Alexa and Google Assistant

Microsoft no longer wants to compete against Amazon's Alexa and Google's Assistant in the digital assistant space. Instead, it wants to transform Cortana into a skill that can be integrated into other digital assistants.
Computing

Microsoft leans on A.I. to resume safe delivery of Windows 10 Update

Microsoft is leaning on artificial intelligence as it resumes the automatic rollout of the Windows 10 October 2018 Update. You should start seeing the update soon now that Microsoft has resolved problems with the initial software.