Security News
Dirty Pipe, a recently reported local privilege escalation vulnerability, affects the Linux kernel on QNAP NAS running QTS 5.0.x and QuTS hero h5.0.x, QNAP advised. QTS 5.0.x on all QNAP x86-based NAS and certain QNAP ARM-based NAS. QuTS hero h5.0.x on all QNAP x86-based NAS and certain QNAP ARM-based NAS. QNAP NAS running QTS 4.x aren't affected.
Taiwanese hardware vendor QNAP warns most of its Network Attached Storage devices are impacted by a high severity Linux vulnerability dubbed 'Dirty Pipe' that allows attackers with local access to gain root privileges. The 'Dirty Pipe' security bug affects Linux Kernel 5.8 and later versions, even on Android devices.
Researchers have disclosed details of critical security vulnerabilities in TerraMaster network-attached storage devices that could be chained to attain unauthenticated remote code execution with the highest privileges. "The issues reside in TOS, an abbreviation for TerraMaster Operating System, and"can grant unauthenticated attackers access to the victim's box simply by knowing the IP address, Ethiopian cyber security research firm Octagon Networks' Paulos Yibelo said in a statement shared with The Hacker News.
ASUSTOR network-attached storage devices have become the latest victim of Deadbolt ransomware, less than a month after similar attacks singled out QNAP NAS appliances. The attacks primarily affect internet-exposed ASUSTOR NAS models running ADM operating systems including, but not limited to, AS5104T, AS5304T, AS6404T, AS7004T, AS5202T, AS6302T, and AS1104T. Much like the intrusions targeting QNAP NAS devices, the threat actors claim to be using a zero-day vulnerability to encrypt ASUSTOR NAS devices, demanding that victims pay 0.03 bitcoins to recover access.
QNAP has extended support and will keep issuing security updates for some end-of-life network-attached storage devices until October 2022. "Due to these reasons, QNAP normally maintains security updates for 4 years after a product passes its EOL date. As a special effort to help users protect their devices from today's security threats, QNAP has extended security updates for some EOL models till October 2022.".
A critical vulnerability in Samba, a widely used open source implementation of the Server Message Block networking protocol, could allow attackers to execute arbitrary code as root on affected Samba installations. Several updated versions of Samba have been released on Monday, fixing CVE-2021-44142 and two other flaws, but since the software is included in most Linux and Unix-like operating systems, users of those are advised to keep an eye out for specific updates by those developer teams.
Taiwanese company QNAP has warned customers to secure network-attached storage appliances and routers against a new ransomware variant called DeadBolt. "QNAP urges all QNAP NAS users to [] immediately update QTS to the latest available version."
It's been a busy week with ransomware attacks tied to political protests, new attacks on NAS devices, amazing research released about tactics, REvil's history, and more. A new DeadBolt ransomware group is encrypting QNAP NAS devices worldwide using what they claim is a zero-day vulnerability in the device's software.
QNAP has urged NAS users to act "Immediately" to install its latest updates and enable security protections after warning that product-specific ransomware called Deadbolt is targeting users' boxen. Security advice from QNAP includes disabling port-forwarding and UPnP port forwarding if your NAS is internet-facing.
QNAP is warning customers again to secure their Internet-exposed Network Attached Storage devices to defend against ongoing and widespread attacks targeting their data with the new DeadBolt ransomware strain. All QNAP users are urged to "Immediately update QTS to the latest available version" to block incoming DeadBolt ransomware attacks.