SAN ANTONIO--(BUSINESS WIRE)--Digital Defense, Inc. (DDI), a leading provider of managed cloud-based security risk assessments, announced a zero-day finding, discovered by the company’s Vulnerability Research Team (VRT). This vulnerability, which resides in Lenovo® network storage devices, can potentially be exploited by an attacker to gain unauthorized remote read-only access to network-attached storage (NAS) shares. The security issue was discovered using DDI’s patent-pending vulnerability scanning technology.
The vulnerability is specific to LenovoEMC, Lenovo, and Iomega NAS devices with LenovoEMC LifeLine firmware version 4.0.2.9960 or 4.0.4.14600. Upon discovery, DDI and Lenovo began collaborating to examine and address the flaw, with Lenovo releasing a remedy for the issue today. Firmware updates are available for download from http://support.lenovoemc.com.
DDI’s ability to identify and quickly disclose zero-day findings is attributable to the company’s cutting edge technology, as well as the research expertise within the organization, which has resulted in multiple zero-day discoveries, including those within widely deployed platforms such as Dell EqualLogic, VMware®, Novell®, Epicor® and IBM® WebSphere®. This Decisive Security Intelligence is improving the security posture of organizations across the globe.
Larry Hurtado, DDI President & CEO, states, “Our powerful scanning technology, coupled with the delivery of our solutions through a cloud-based platform, provides us with a unique capability to proactively expose these previously unknown flaws. Our goal is to work hand in hand with hardware and software manufacturers to help them understand our security vulnerability discoveries and to ensure this intelligence is rapidly communicated to our clients and other end users, with the appropriate remediation solution, to ensure any potential risk is mitigated. This responsible disclosure process has been effective in resolving security issues before they potentially open the door to malicious attacks.”
For more information about this vulnerability and other security advisory information released by DDI, please go to www.ddifrontline.com.
About Digital Defense
Founded in 1999, Digital Defense, Inc. (DDI) is a premier provider of managed security risk assessment solutions protecting billions in assets for small businesses to Fortune companies in over 65 countries. DDI’s dedicated team of experts helps organizations establish a culture of security through regular information security assessments, awareness education and Decisive Security Intelligence. This proven method bolsters the capability of organizations to reduce risk and keep information, intellectual property and reputations secure. The combination of DDI’s certified Security Analysts, patent-pending scanning technology and proprietary cloud-based vulnerability management system, Frontline™ Solutions Platform, delivers one of the most powerful assessment results and remediation management solutions possible.
Reader Contact Information
Digital Defense, Inc., 9000
Tesoro Drive, Suite 100, San Antonio, Texas, 78217
Phone -
210.822.2645, Fax - 210.822.9216
www.ddifrontline.com
Digital Defense and the Shield Logo are Registered Service Marks of Digital Defense, Inc. All other trademarks are the property of their respective owners.
