Theories about why the attack involved two devastating exploits include the suggestion that rival threat actors were duking it out for control of the compromised devices. In fact, there were two vulnerabilities that were exploited: An old remote-code execution (RCE) bug from 2018 that Western Digital first blamed, and then a previously unknown flaw that enabled unauthenticated remote factory-reset device wipes. ![]() The company is also planning to offer a trade-in program to get customers onto the cloud – specifically, onto a supported My Cloud device – and off of old My Book Live and My Book Live Duo devices, an indeterminate number of which were remotely eviscerated in an attack that exploited what turns out to have been a zero-day vulnerability. ![]() Western Digital will start providing free data-recovery services in July for people whose data was wiped off their network-attached storage (NAS) devices last week, the company said in an update on Tuesday.
0 Comments
Leave a Reply. |