Security News

Week in review: Uber hacked, QNAP NAS devices under attack, 5 Kali Linux books to read this year
2022-09-18 08:00

Thousands of QNAP NAS devices hit by DeadBolt ransomwareQNAP Systems has provided more information about the latest DeadBolt ransomware campaign targeting users of its network-attached storage devices and the vulnerability the attackers are exploiting. 5 Kali Linux books you should read this yearKali Linux is a Linux distribution designed for digital forensics, penetration testing, security research, and reverse engineering.

Thousands of QNAP NAS devices hit by DeadBolt ransomware (CVE-2022-27593)
2022-09-12 11:27

QNAP Systems has provided more information about the latest DeadBolt ransomware campaign targeting users of its network-attached storage devices and the vulnerability the attackers are exploiting. "QNAP's security team determined that the source of the DeadBolt malware attack is via The Onion Routing, an anonymous connection," the company shared.

DEADBOLT ransomware rears its head again, attacks QNAP devices
2022-09-07 18:57

Most contemporary ransomware attacks involve two groups of criminals: a core gang who create the malware and handle the extortion payments, and "Members" of a loose-knit clan of "Affiliates" who actively break into networks to carry out the attacks. Regular readers of Naked Security will know that some victims, notably home users and small business, end up getting blackmailed via their NAS, or networked attached storage devices.

DeadBolt is hitting QNAP NAS devices via zero-day bug, what to do?
2022-09-06 11:11

A few days ago - and smack in the middle of the weekend preceding Labor Day - Taiwan-based QNAP Systems has warned about the latest round of DeadBolt ransomware attacks targeting users of its QNAP network-attached storage devices. "QNAP detected a new DeadBolt ransomware campaign on the morning of September 3rd, 2022. The campaign appears to target QNAP NAS devices running Photo Station with internet exposure," the company said in a security advisory.

QNAP Warns of New DeadBolt Ransomware Attacks Exploiting Photo Station Flaw
2022-09-06 03:11

QNAP has issued a new advisory urging users of its network-attached storage devices to upgrade to the latest version of Photo Station following yet another wave of DeadBolt ransomware attacks in the wild by exploiting a zero-day flaw in the software. The Taiwanese company said it detected the attacks on September 3 and that "The campaign appears to target QNAP NAS devices running Photo Station with internet exposure."

QNAP patches zero-day used in new Deadbolt ransomware attacks
2022-09-05 15:49

QNAP is warning customers of ongoing DeadBolt ransomware attacks that started on Saturday by exploiting a zero-day vulnerability in Photo Station. "QNAP® Systems, Inc. today detected the security threat DEADBOLT leveraging exploitation of Photo Station vulnerability to encrypt QNAP NAS that are directly connected to the Internet," explains the security notice.

QNAP: New DeadBolt ransomware attacks exploit Photo Station bug
2022-09-05 15:49

QNAP is warning customers of ongoing DeadBolt ransomware attacks that started on Saturday by exploiting a zero-day vulnerability in Photo Station. "QNAP® Systems, Inc. today detected the security threat DEADBOLT leveraging exploitation of Photo Station vulnerability to encrypt QNAP NAS that are directly connected to the Internet," explains the security notice.

Checkmate ransomware hits QNAP NAS devices
2022-07-08 09:36

QNAP Systems is warning about Checkmate, a new piece of ransomware targeting users of its network-attached storage appliances. "Preliminary investigation indicates that Checkmate attacks via SMB services exposed to the internet, and employs a dictionary attack to break accounts with weak passwords," the company says.

QNAP warns of new Checkmate ransomware targeting NAS devices
2022-07-07 15:47

Network-attached storage vendor QNAP warned customers to secure their devices against attacks using Checkmate ransomware to encrypt data. QNAP says the attacks are focused on Internet-exposed QNAP devices with the SMB service enabled and accounts with weak passwords that can easily be cracked in brute-force attacks.

Critical PHP Vulnerability Exposes QNAP NAS Devices to Remote Attacks
2022-06-22 23:36

QNAP, Taiwanese maker of network-attached storage devices, on Wednesday said it's in the process of fixing a critical three-year-old PHP vulnerability that could be abused to achieve remote code execution. "A vulnerability has been reported to affect PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24, and 7.3.x below 7.3.11 with improper nginx config," the hardware vendor said in an advisory.