From InfoWorld: A security review of network-attached storage (NAS) devices from multiple manufacturers revealed that they typically have more vulnerabilities than home routers, a class of devices known for poor security and vulnerable code.
Jacob Holcomb, a security analyst at Baltimore-based Independent Security Evaluators, is in the process of analyzing NAS devices from 10 manufacturers and has so far found vulnerabilities that could lead to a complete compromise in all of them.
"There wasn't one device that I literally couldn't take over," Holcomb said Wednesday during a talk at the Black Hat security conference in Las Vegas, where he presented some of his preliminary findings. "At least 50 percent of them can be exploited without authentication," he said.
The devices he evaluated are: Asustor's AS-602T, TRENDnet's TN-200 and TN-200T1, QNAP's TS-870, Seagate's BlackArmor 1BW5A3-570, Netgear's ReadyNAS104, D-LINK's DNS-345, Lenovo's IX4-300D, Buffalo's TeraStation 5600, Western Digital's MyCloud EX4 and ZyXEL's NSA325 v2.
View: Article @ Source Site
