In this on-demand webinar, Team82 Vulnerability Researcher Noam Moshe and Editorial Director Mike Mimoso will take a deep dive into Claroty Team82’s research into the security of NAS devices sold by two of the biggest network-attached storage vendors, Western Digital and Synology. You’ll learn about how Team82 researchers were able to uncover and exploit vulnerabilities that allowed them to enumerate and impersonate edge devices, steal cloud proxy authentication tokens, and access files stored on the devices.
Topics covered will include:
Team82's NAS research journey, which began at Pwn2Own Toronto in 2022 and culminated with an impressive coordinated disclosure with both affected vendors and ZDI to address all of the issues
How Team82 broke the cloud-based authentication schemes of both vendors' NAS devices — which would put the data of millions at risk if carried out by an adversary
Why existing NAT/firewall protections could be bypassed to achieve remote code execution on both vendors’ NAS devices when connected to the cloud
Please complete the form to watch the webinar.