Security News

Researchers have disclosed details of critical security vulnerabilities in TerraMaster network-attached storage devices that could be chained to attain unauthenticated remote code execution with the highest privileges. "The issues reside in TOS, an abbreviation for TerraMaster Operating System, and"can grant unauthenticated attackers access to the victim's box simply by knowing the IP address, Ethiopian cyber security research firm Octagon Networks' Paulos Yibelo said in a statement shared with The Hacker News.

ASUSTOR network-attached storage devices have become the latest victim of Deadbolt ransomware, less than a month after similar attacks singled out QNAP NAS appliances. The attacks primarily affect internet-exposed ASUSTOR NAS models running ADM operating systems including, but not limited to, AS5104T, AS5304T, AS6404T, AS7004T, AS5202T, AS6302T, and AS1104T. Much like the intrusions targeting QNAP NAS devices, the threat actors claim to be using a zero-day vulnerability to encrypt ASUSTOR NAS devices, demanding that victims pay 0.03 bitcoins to recover access.

QNAP has extended support and will keep issuing security updates for some end-of-life network-attached storage devices until October 2022. "Due to these reasons, QNAP normally maintains security updates for 4 years after a product passes its EOL date. As a special effort to help users protect their devices from today's security threats, QNAP has extended security updates for some EOL models till October 2022.".

A critical vulnerability in Samba, a widely used open source implementation of the Server Message Block networking protocol, could allow attackers to execute arbitrary code as root on affected Samba installations. Several updated versions of Samba have been released on Monday, fixing CVE-2021-44142 and two other flaws, but since the software is included in most Linux and Unix-like operating systems, users of those are advised to keep an eye out for specific updates by those developer teams.

Taiwanese company QNAP has warned customers to secure network-attached storage appliances and routers against a new ransomware variant called DeadBolt. "QNAP urges all QNAP NAS users to [] immediately update QTS to the latest available version."

It's been a busy week with ransomware attacks tied to political protests, new attacks on NAS devices, amazing research released about tactics, REvil's history, and more. A new DeadBolt ransomware group is encrypting QNAP NAS devices worldwide using what they claim is a zero-day vulnerability in the device's software.

QNAP has urged NAS users to act "Immediately" to install its latest updates and enable security protections after warning that product-specific ransomware called Deadbolt is targeting users' boxen. Security advice from QNAP includes disabling port-forwarding and UPnP port forwarding if your NAS is internet-facing.

QNAP is warning customers again to secure their Internet-exposed Network Attached Storage devices to defend against ongoing and widespread attacks targeting their data with the new DeadBolt ransomware strain. All QNAP users are urged to "Immediately update QTS to the latest available version" to block incoming DeadBolt ransomware attacks.

Threat actors behind the Qlocker ransomware are once again targeting Internet-exposed QNAP Network Attached Storage devices worldwide. Qlocker has previously targeted QNAP customers in a massive ransomware campaign that started during the week of April 19, moving victims' files within password-protected 7-zip archives with the.7z extension after breaching their NAS devices.

Get your internet-exposed, network-attached storage devices off the internet now, Taiwanese manufacturer QNAP warns: Ransomware and brute-force attacks are widely targeting all network devices. "The most vulnerable victims will be those devices exposed to the Internet without any protection," QNAP said on Friday, urging all QNAP NAS users to follow security-setting instructions that the Taiwanese NAS maker included in its alert.