Your Seagate hard drive may be at risk for severe vulnerabilities

wireless seagate hard drives threatened by root password vulnerabilities plus hero right hi res 4975x4975 copy
As a warning to users of Seagate’s line of wireless hard drives, a group of researchers at Tangible Security has discovered a security hole in a few specific Seagate wireless drives.

The vulnerability, which can reportedly provide unauthorized users with root access to the drive, is said to activate undocumented Telnet services using a default username and password combo. Telnet, a simple command line procedure, actually allows attackers to log in to someone else’s computer over an Internet or local network connection.

Anyone who opts to exploit this flaw could, quite effortlessly, dictate your hard drive as their own, enabling them to steal files or even to deploy malicious attacks against other people’s computers from your hard drive. Especially concerning is that both the default username and password required for root access is simply the word ‘root,’ making the barrier of entry for aggressors distressingly low.

Another hole spotted by the research firm allegedly allows an unrestricted capability to download files when within the parameters of a device’s wireless network. This could prove detrimental in the case where the attacker is located nearby. And a third flaw permits attackers to upload any file they’d like to the affected wireless hard drive. This, of course, isn’t limited to potentially hazardous files used to brick the devices attached to the drive or even the drive itself.

Fortunately, Seagate has already issued a fix, with help from Tangible Security, to the susceptibility, which seems to have affected those with either a Seagate Wireless Plus Mobile Storage, Seagate Wireless Mobile Storage, or a LaCie Fuel purchased between now and October 2014.

On the downside, however, Tangible has reported that other Seagate products may also be afflicted by the flaw.

“With products from large vendors such as Seagate, there tend to be numerous product names for basically the same product under the same vendor’s name or another vendor,” writes the research firm. “Tangible Security cannot enumerate all of the named products as well as Seagate. Other named products may be affected.”

If you’re using a wireless Seagate hard drive donning either firmware version 2.2.0.005 or 2.3.0.014, Seagate has made available an update to version 3.4.1.105 that repairs these vulnerabilities. To check if your drive is at-risk, it’s recommended that you search for a firmware update using Seagate’s Download Finder. Make sure to do it soon, as Tangible Security claims that this uncompromising vulnerability has been active for at least a week now and is sure to become more infectious as time goes by without action taken.

Computing

Wi-Fi vulnerability could allow attackers to steal your data on unencrypted sites

A 20-year-old security flaw in the design of the Wi-Fi standard and how computers communicate using the transmission control protocol could allow hackers to perform a web cache poisoning attack to steal your data and login information.
Smart Home

Google Assistant will now help Simplisafe keep homes secure

SimpliSafe has added Google Assistant voice commands to its home security system. Customers can now use Google Assistant commands to configure, arm, and check their home security system components.
Computing

Windows improves handwriting-recognition skills at the peril of users’ security

A Windows file that is designed to help improve the platform's ability to translate your handwritten notes into readable text may be a security concern. One researcher found it contained passwords and email contents.
Smart Home

California passes bill that regulates security for Internet of Things devices

California recently became the first state in the country to pass a bill that regulates Internet of Things security. The bill requires manufacturers to include "reasonable security" measures on devices produced in the US.
Gaming

Dive head first into the best experiences available now on the Oculus Rift

The Oculus Rift brought back virtual reality and put a modern twist to it. Grab your Touch Controllers, put on your VR headset, and jump into the fun with some of the best Oculus Rift games available now.
Computing

Ripple cryptocurrency jumps 70 percent in 24 hours after news of bank deal

The Ripple cryptocurrency has seen its value reach the highest point since late 2017 after a tease from a Ripple Labs regulator suggested it could soon be adopted by banks for international money transfers.
Computing

Google tells lawmakers it allows other apps access to your Gmail

Google admitted to lawmakers in a letter that its privacy policy allows third-party apps access to the email messages of its 1.4 billion Gmail users. Google says the apps need the consent of users before access is granted.
Computing

From beautiful to downright weird, check out these great dual monitor wallpapers

Multitasking with two monitors doesn't necessarily mean you need to split your screens with two separate wallpapers. From beautiful to downright weird, here are our top sites for finding the best dual monitor wallpapers for you.
Computing

Gaming on a laptop has never been better. These are your best options

Gaming desktops are powerful, but they tie you down to your desk. For those of us who prefer a more mobile experience, here are the best gaming laptops on the market, ranging from budget machines to maxed-out, wallet-emptying PCs.
Computing

Tired of paying for shipping? Here's how to set up an Amazon Prime account

Want to know how to sign up for Amazon Prime? It's easier than you might think and even comes with a free trial so that you can enjoy all of its benefits for 30 days risk-free. Just follow these steps.
Social Media

Twitter squashes security bug leaking direct messages since 2017

The team at Twitter has discovered and corrected a security bug within one of their developer APIs that has been leaking sensitive information sent via direct messages to business accounts.
Computing

Tired of choosing between Windows and Mac? Check out these Chromebooks instead

We've compiled a list of the best Chromebooks -- laptops that combine great battery life, comfortable keyboards, and the performance it takes to run Google's lightweight Chrome OS. From Samsung to Acer, these are the Chromebooks that really…
Product Review

It's the thinnest touchscreen laptop, but HP's Spectre doesn't sacrifice speed

Our HP Spectre 13 review evaluates the “world’s thinnest touchscreen notebook” to see if it’s possible to make something smaller while increasing its speed and longevity. Spoiler alert -- it is. But does that make it a laptop you…
Product Review

Controversy has dogged the MacBook Pro lately. Is it still a good purchase?

The MacBook Pro is a controversial laptop these days -- and that's unfortunate. Due to some divisive changes Apple made to the functionality of the MacBook Pro, fans are more split. Does the 8th-gen refresh change that?