The Taiwanese firm QNAP recently patched a critical vulnerability in its NAS devices. The problem is that thousands of devices, about 59,000, have yet to receive the update or still have to be updated by their admins to keep hackers from exploiting the SQL injection vulnerability.

For those new to QNAP, the company manufactures network-attached storage devices and has constantly faced security issues for the past 2 years.

QNAP has given the flaw a CVSS score of 9.8 out of 10, which is severe on the severity scale, as hackers can easily take control of the device without any interaction from the user or victim.

To secure themselves from attacks, QNAP customers are advised to upgrade their device OS to QTS 5.0.1.2234 or later; the same applies to QuTS hero h5.0.1.2248.

A recent study carried out by Censys Security found that only 550 out of 60,000 QNAP NAS devices had been patched with the fix, so the others are still open to attacks such as ransomware, where malware is used to encrypt an information-storing appliance.

Previously, to avoid such exploitation, the data storage appliance maker urged its customers to disable the port forwarding feature of their router, as it can open a gateway for hackers to attack NAS devices. The company also asked its customers to disable the UPnP function on the QNAP NAS device.

NOTE- In January this year, the company introduced new appliances that operate on hybrid processors and support E1.S SSDs. Such appliances can serve not only as simple file servers or backup nodes, but also as computing servers for basic needs.

 

The post QNAP NAS devices are vulnerable to ransomware attacks appeared first on Cybersecurity Insiders.

1.) The Indian Computer Emergency Response Team (CERT-In) has issued an update that all those who are using Adobe products and services should be cautious, as hackers can easily hack their systems by exploiting multiple vulnerabilities in the software.

According to CERT-In, an attacker can gain admin privileges, execute arbitrary code and write arbitrary files on InDesign, InCopy, Illustrator, Bridge, and Animate, which run on both Windows and macOS.

So, users are being urged to keep their software up to date with the latest security updates to keep their systems well protected from such attacks.

2.) Second is the news about WordPress, the content management system provider offering services worldwide. WordPress forcibly pushed an update to millions of its sites after security researchers from Wordfence Threat Intelligence published an advisory about a code injection vulnerability.

After learning about the vulnerability, WordPress released an immediate update and automatically applied the following plugin versions: 3.0.34.2, 3.1.10, 3.2.38, 3.3.21.4, 3.4.34.2, 3.5.8.4, and 3.6.11.

3.) Third is the news about QNAP storage devices. The company's devices are being treated as soft targets every month. The latest news about the Taiwan-based network-attached storage maker is that two ransomware gangs recently targeted it.

The first is the gang that is distributing DeadBolt ransomware, and the second is the malware variant dubbed QNAPCrypt.

Cybersecurity researchers have found that QNAP devices protected by weak passwords or running outdated software are being targeted with the two file-encrypting malware variants.

To keep their systems protected, QNAP users are being urged to use strong passwords for admin privileges, use IP access protection to keep brute-force attacks at bay, avoid ports 443 and 8080, and keep their NAS systems updated with the latest QTS software versions.

4.) Fourth is the news related to a Russian botnet that contains millions of infected machines and devices. The RSocks botnet, which is believed to be funded by Kremlin intelligence, was shut down by law enforcement acting on a judgment pronounced by the DoJ.

RSocks was being used by cybercriminals to launch credential stuffing attacks, account hijacks, phishing emails, and fraudulent installation of mining software.

The botnet had been on the FBI's tracking radar since 2017 and had taken control of millions of devices, including industrial control systems, routers, CCTV systems, AV streaming devices, and IoT devices.

In 2019, RSocks was seen adding millions of Android devices and small computers to its list.

Law enforcement authorities took control of the devices based on inputs provided by Microsoft, bringing the highly sophisticated Russian crime operation to an end in May this year.

5.) On Tuesday last week, Microsoft released an update that addressed its operating system's Wi-Fi access capabilities via its Hotspot feature. As the issue was affecting all its Windows 10 and 11 operating systems, the tech giant issued a patch on June 14 of this year.

As per the details released by the Windows giant, the issue was caused by a buggy update known as KB5014697, which was blocking users from using the Wi-Fi hotspot feature.

The company has already issued an update for the issue, and it is expected to be rolled out to all users by the end of this month.

For the time being, tech analysts say that the update can be rolled back, but as per our analysts, it is not recommended at all.

 

The post Cyber Attack news headlines trending on Google appeared first on Cybersecurity Insiders.

QNAP, a Taiwan-based company that offers data storage appliances, is back in the news as a target of Deadbolt ransomware again. Reports say that the file-encrypting malware infected several NAS devices supplied by the hardware vendor, locking users out of their stored information.

The security team of QNAP has reacted to the news by stating that users need to keep their appliances updated with the latest software updates that have been available since April 2022.

This time, the targeted QNAP devices are those running QTS 4.3.6 and QTS 4.4.1, mainly those belonging to the X-series used by individuals and SMBs to manage files, share information and perform other tasks.

Users are being urged by the NAS appliance maker to check for the latest QTS update and to avoid connecting their Network Attached Storage (NAS) to the World Wide Web.

According to a report by security firm Censys, of 130,000 QNAP NAS devices, hackers have targeted almost half with malware by exploiting certain zero-day vulnerabilities. This time, those spreading Deadbolt are demanding 0.03 BTC to free the data from encryption.

NOTE 1- Early this week, threat intelligence firm Emsisoft released a press update. It stated that victims of Deadbolt ransomware using QNAP appliances can use its decryption tool only if they paid the hackers a ransom for a decryption tool that is now neutralized because of a forced update from QNAP for NAS appliances.

NOTE 2- It is better if the company solves these issues at the earliest, as they can make its customers lose trust in the products in the near future.

 

The post QNAP storage devices again hit by Deadbolt Ransomware appeared first on Cybersecurity Insiders.