Security News
Network-attached storage appliance maker QNAP said it's currently investigating two recently patched security flaws in OpenSSL to determine their potential impact, adding it will release security updates should its products turn out to be vulnerable. "A malicious attacker who is able present SM2 content for decryption to an application could cause attacker chosen data to overflow the buffer by up to a maximum of 62 bytes altering the contents of other data held after the buffer, possibly changing application behaviour or causing the application to crash," according to the advisory for CVE-2021-3711.
Network-attached storage maker QNAP is investigating and working on security updates to address remote code execution and denial-of-service vulnerabilities patched by OpenSSL last week. The security flaws tracked as CVE-2021-3711 and CVE-2021-3712, impact QNAP NAS device running QTS, QuTS hero, QuTScloud, and HBS 3 Hybrid Backup Sync, according to advisories [1, 2] published earlier today.
NAS devices under attack: How to keep them safe?Network-attached storage devices are a helpful solution for storing, managing, and sharing files and backups and, as such, they are an attractive target for cyber criminals. 65 vendors affected by severe vulnerabilities in Realtek chipsA vulnerability within the Realtek RTL819xD module allows attackers to gain complete access to the device, installed operating systems and other network devices.
Palo Alto Networks researchers recently found some 240,000 QNAP and approximately 3,500 Synology NAS devices exposed to the public internet. Since the start of the year, a variety of NAS devices have been hit by ransomware gangs, botnet operators, as well as attackers who simply decided to wipe the data without warning and install a trojan.
Operators of the nearly-year-old eCh0raix ransomware strain that's been used to target QNAP and Synology network-attached storage devices in past, separate campaigns have, gotten more efficient. In a report published Tuesday, Palo Alto Network Unit 42 researchers said the new variant of eCh0raix exploits a critical bug, CVE-2021-28799 - an improper authorization vulnerability that gives attackers access to hard-coded credentials so as to plant a backdoor account - in the Hybrid Backup Sync software on QNAP's NAS devices.
A newly discovered eCh0raix ransomware variant has added support for encrypting both QNAP and Synology Network-Attached Storage devices. The ransomware hit QNAP NAS devices in multiple waves, with two large-scale ones were reported in June 2019 and in June 2020.
Taiwan-based NAS maker Synology has warned customers that the StealthWorker botnet is targeting their network-attached storage devices in ongoing brute-force attacks that lead to ransomware infections. According to Synology's PSIRT, Synology NAS devices compromised in these attacks are later used in further attempts to breach more Linux systems.
Infortrend launched U.2 SSD solution for EonStor CS scale-out NAS. The new all-flash CS 4014U satisfies high performance-demanding requirements for high throughput and low latency workloads, such as media & entertainment, HPC, Big Data, etc. CS provides complete data protection and high availability to avoid data loss and system downtime caused by disk damage or system failures.
Taiwan-based network-attached storage maker QNAP has addressed a critical security vulnerability enabling attackers to compromise vulnerable NAS devices' security. The improper access control vulnerability tracked as CVE-2021-28809 was found by Ta-Lun Yen of TXOne IoT/ICS Security Research Labs in HBS 3 Hybrid Backup Sync, QNAP's disaster recovery and data backup solution.
"REvil ransomware authors have expanded their arsenal to include Linux ransomware, which allows them to target ESXi and NAS devices," Caspi wrote. In a nod to research by AdvIntel in early May 2021, which reported REvil's intent to port its Windows-based ransomware to Linux, Caspi confirmed the Linux variant was spotted in May "Affecting *nix systems and ESXi.".