![]() ![]() The company contacted fellow security firm WhiteHat, and jointly alerted Lenovo - which has been praised for issuing firmware updates to fix the flaw despite three of the affected software versions having long been retired. Security firm Vertical Structure alerted the company to a flaw in its products in autumn last year, finding millions of files being shared indiscriminately by Lenovo NAS units totalling around 36TB of data - including financial information, expenses claims, tax returns, and bank data. ![]() Sadly for users of some Lenovo NAS devices, that turns out to have not been the case. Many also include the ability to access files from outside the local network, such as from a laptop in a coffee shop, which is a fine feature to have so long as external access is protected via cryptography and authentication. Network attached storage (NAS) devices are incredibly useful things: Effectively miniature servers, they accept one or more hard drives - or come with drives pre-loaded - and allow users to share files between multiple machines on a network. Lenovo has warned users of selected models of its network attached storage (NAS) products their files may be exposed to the internet without authentication, advising those affected to upgrade to a newer firmware to resolve the problem. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |