17 matches found
QNAP Fixes Critical Vulnerability in NAS Devices with Latest Security Updates
Taiwanese company QNAP has released updates to remediate a critical security flaw affecting its network-attached storage NAS devices that could lead to arbitrary code injection. Tracked as CVE-2022-27596, the vulnerability is rated 9.8 out of a maximum of 10 on the CVSS scoring scale. It affects...
A week in security (October 17 - 23)
Last week on Malwarebytes Labs: Thermal cameras could help reveal your password How to spot a scam Warning: "FaceStealer" iOS and Android apps steal your Facebook login Criminal group busted after stealing hundreds of keyless cars Fake tractor fraudsters plague online transactions DeadBolt...
Dutch Police Tricked Deadbolt Ransomware Gang Into Sharing Decryption Keys
By Deeba Ahmed According to Dutch Police, Deadbolt ransomware attacks mainly focused on NAS network-attached storage. This is a post from HackRead.com Read the original post: Dutch Police Tricked Deadbolt Ransomware Gang Into Sharing Decryption Keys...
QNAP Photo Station DeadBolt Ransomware (QSA-22-24)
The version of Photo Station running on the remote QNAP NAS is affected by a vulnerability. An externally controlled reference to a resource vulnerability has been reported to affect QNAP NAS running Photo Station. If exploited, This could allow an attacker to modify system files. Note that Nessu...
CVE-2022-27593 DeadBolt Ransomware
An externally controlled reference to a resource vulnerability has been reported to affect QNAP NAS running Photo Station. If exploited, This could allow an attacker to modify system files. We have already fixed the vulnerability in the following versions: QTS 5.0.1: Photo Station 6.1.2 and later...
QNAP Photo Station Externally Controlled Reference Vulnerability
Certain QNAP NAS running Photo Station with internet exposure contain an externally controlled reference to a resource vulnerability which can allow an attacker to modify system files. This vulnerability was observed being utilized in a Deadbolt ransomware campaign...
QNAP Systems Photo Station 安全漏洞
QNAP Systems Photo Station is an online photo album from QNAP Systems. It is used to organize multimedia content photos and videos on Qnap Nas. A security vulnerability in QNAP Systems Photo Station can be exploited by an attacker to execute DeadBolt ransomware campaigns affecting the following...
Critical RCE Vulnerability Affects Zyxel NAS Devices — Firmware Patch Released
Networking equipment maker Zyxel has released patches for a critical security flaw impacting its network-attached storage NAS devices. Tracked as CVE-2022-34747 CVSS score: 9.8, the issue relates to a "format string vulnerability" affecting NAS326, NAS540, and NAS542 models. Zyxel credited...
QNAP Warns of New DeadBolt Ransomware Attacks Exploiting Photo Station Flaw
QNAP has issued a new advisory urging users of its network-attached storage NAS devices to upgrade to the latest version of Photo Station following yet another wave of DeadBolt ransomware attacks in the wild by exploiting a zero-day flaw in the software. The Taiwanese company said it detected the...
VulnCheck KEV: CVE-2022-27593
Certain QNAP NAS running Photo Station with internet exposure contain an externally controlled reference to a resource vulnerability which can allow an attacker to modify system files. This vulnerability was observed being utilized in a Deadbolt ransomware campaign...
Critical PHP Vulnerability Exposes QNAP NAS Devices to Remote Attacks
QNAP, Taiwanese maker of network-attached storage NAS devices, on Wednesday said it's in the process of fixing a critical three-year-old PHP vulnerability that could be abused to achieve remote code execution. "A vulnerability has been reported to affect PHP versions 7.1.x below 7.1.33, 7.2.x bel...
Closing the Door: DeadBolt Ransomware Locks Out Vendors With Multitiered Extortion Scheme
In this report, we investigate the reasons that the DeadBolt ransomware family is more problematic for its victims than other ransomware families that previously targeted NAS devices...
QNAP Urges Users to Update NAS Devices to Prevent Deadbolt Ransomware Attacks
Taiwanese network-attached storage NAS devices maker QNAP on Thursday warned its customers of a fresh wave of DeadBolt ransomware attacks. The intrusions are said to have targeted TS-x51 series and TS-x53 series appliances running on QTS 4.3.6 and QTS 4.4.1, according to its product security...
QNAP QTS / QuTS Hero DEADBOLT Ransomware (QSA-22-02)
The version of QNAP QTS / QuTS Hero installed on the remote host is affected by an arbitrary code execution vulnerability which is being actively exploited by the DEADBOLT ransomware. The ransomware encrypts files, renames them with a .deadbolt extension and hijacks the login page with a ransom...
Critical Bugs in TerraMaster TOS Could Open NAS Devices to Remote Hacking
Researchers have disclosed details of critical security vulnerabilities in TerraMaster network-attached storage TNAS devices that could be chained to attain unauthenticated remote code execution with the highest privileges. The issues reside in TOS, an abbreviation for TerraMaster Operating Syste...
Warning — Deadbolt Ransomware Targeting ASUSTOR NAS Devices
ASUSTOR network-attached storage NAS devices have become the latest victim of Deadbolt ransomware, less than a month after similar attacks singled out QNAP NAS appliances. In response to the infections, the company has released firmware updates ADM 4.0.4.RQO2 to "fix related security issues." The...
QNAP Warns of DeadBolt Ransomware Targeting Internet-Facing NAS Devices
Taiwanese company QNAP has warned customers to secure network-attached storage NAS appliances and routers against a new ransomware variant called DeadBolt. "DeadBolt has been widely targeting all NAS exposed to the Internet without any protection and encrypting users' data for Bitcoin ransom," th...