Wednesday, November 29, 2023
LetsAskBinu.com
  • Home
  • Cybersecurity
  • Cyber Threats
  • Hacking
  • Protection
  • Networking
  • Malware
  • Fintech
  • Internet Of Things
No Result
View All Result
LetsAskBinu.com
No Result
View All Result
Home Hacking

QNAP Warns of DeadBolt Ransomware Attacks Exploiting a Zero-day Flaw

Researcher by Researcher
September 8, 2022
in Hacking
0
QNAP Warns of DeadBolt Ransomware Attacks Exploiting a Zero-day Flaw
189
SHARES
1.5k
VIEWS
Share on FacebookShare on Twitter


QNAP Warns of DeadBolt Ransomware Attacks Exploiting a Zero-day Flaw

QNAP Systems, Inc found a new DEADBOLT ransomware attacks that exploits zero-day vulnerability in Photo Station. QNAP urges all QNAP NAS users to update Photo Station to the latest available version.

“QNAP® Systems, Inc. today detected the security threat DEADBOLT leveraging exploitation of Photo Station vulnerability to encrypt QNAP NAS that are directly connected to the Internet,” security notice from QNAP.

The company noticed DeadBolt ransomware campaign on September 3rd, 2022. “The campaign appears to target QNAP NAS devices running Photo Station with internet exposure”, QNAP.


EHA

The company did not share CVE for the vulnerability however the company fixed the Photo Station vulnerability within 12 hours of its use by DeadBolt actors and advised users to take a range of actions to protect themselves, including making sure their devices are not exposed to the internet.

A surge in DeadBolt submissions to ID Ransomware

A surge in DeadBolt submissions to ID Ransomware (BleepingComputer)

The attacks were extensive, with the ID Ransomware service seeing a surge in submissions on Saturday and Sunday.

Patches Released

  • QTS 5.0.1: Photo Station 6.1.2 and later
  • QTS 5.0.0/4.5.x: Photo Station 6.0.22 and later
  • QTS 4.3.6: Photo Station 5.7.18 and later
  • QTS 4.3.3: Photo Station 5.4.15 and later
  • QTS 4.2.6: Photo Station 5.2.14 and later

The company says that QuMagie is a simple and powerful alternative to Photo Station. Therefore it is recommended using QuMagie to efficiently manage photo storage in your QNAP NAS.

 “We strongly urge that their QNAP NAS should not be directly connected to the internet. We recommend users to make use of the myQNAPcloud Link feature provided by QNAP, or enable the VPN service.” – QNAP.

How to Protect your NAS from the DeadBolt Ransomware? 

  • Disable the port forwarding function on the router.
  • Set up myQNAPcloud on the NAS to enable secure remote access and prevent exposure to the internet.
  • Update the NAS firmware to the latest version.
  • Update all applications on the NAS to their latest versions.
  • Apply strong passwords for all user accounts on the NAS.
  • Take snapshots and back up regularly to protect your data.

Secure Azure AD Conditional Access – Download Free White Paper



Source link

Related articles

North Korean Hackers Exploiting Zero-day Vulnerabilities

North Korean Hackers Exploiting Zero-day Vulnerabilities

November 28, 2023
North Korean Hackers Exploit MagicLine4NX Zero-day

North Korean Hackers Exploit MagicLine4NX Zero-day

November 28, 2023
Tags: AttacksDeadboltExploitingFlawQNAPRansomwarewarnszeroday
Share76Tweet47

Related Posts

North Korean Hackers Exploiting Zero-day Vulnerabilities

North Korean Hackers Exploiting Zero-day Vulnerabilities

November 28, 2023
0

The DPRK has been a great threat to organizations in recent times. Their attack methods have been discovered with several...

North Korean Hackers Exploit MagicLine4NX Zero-day

North Korean Hackers Exploit MagicLine4NX Zero-day

November 28, 2023
0

North Korea, DPRK threat actors, have been reportedly involved in several supply-chain attacks to gain unauthorized access to the intranet...

NukeSped Malware Exploiting Apache ActiveMQ Vulnerability

NukeSped Malware Exploiting Apache ActiveMQ Vulnerability

November 28, 2023
0

The Andariel threat group has been discovered installing malware via the exploitation of the Apache ActiveMQ remote code execution vulnerability...

A New Telekopye Bots That Tricks Users to Steal Payment Details

A New Telekopye Bots That Tricks Users to Steal Payment Details

November 27, 2023
0

Phishing bots are a tool used by hackers to fool people into disclosing private information such as-Login credentialsFinancial detailsWith the...

MOVEit Hack :AutoZone Users Personal Data Hacked

MOVEit Hack :AutoZone Users Personal Data Hacked

November 27, 2023
0

AutoZone Inc., a US retailer of automotive parts and accessories, warned customers that their data had been compromised as a...

Load More
  • Trending
  • Comments
  • Latest
This Week in Fintech: TFT Bi-Weekly News Roundup 08/02

This Week in Fintech: TFT Bi-Weekly News Roundup 15/03

March 15, 2022
Supply chain efficiency starts with securing port operations

Supply chain efficiency starts with securing port operations

March 15, 2022
Microsoft to Block Macros by Default in Office Apps

Qakbot Email Thread Hijacking Attacks Drop Multiple Payloads

March 15, 2022
QNAP Escalation Vulnerability Let Attackers Gain Administrator Privileges

QNAP Escalation Vulnerability Let Attackers Gain Administrator Privileges

March 15, 2022
Beware! Facebook accounts being hijacked via Messenger prize phishing chats

Beware! Facebook accounts being hijacked via Messenger prize phishing chats

0
Shoulder surfing: Watch out for eagle‑eyed snoopers peeking at your phone

Shoulder surfing: Watch out for eagle‑eyed snoopers peeking at your phone

0
Remote work causing security issues for system and IT administrators

Remote work causing security issues for system and IT administrators

0
Elementor WordPress plugin has a gaping security hole – update now – Naked Security

Elementor WordPress plugin has a gaping security hole – update now – Naked Security

0
ID Theft Service Resold Access to USInfoSearch Data – Krebs on Security

ID Theft Service Resold Access to USInfoSearch Data – Krebs on Security

November 28, 2023
Staying safe when shopping online this holiday season

Staying safe when shopping online this holiday season

November 28, 2023
This Week in Fintech: TFT Bi-Weekly News Roundup 08/02

This Week in Fintech: TFT Bi-Weekly News Roundup 28/11

November 28, 2023
North Korean Hackers Exploiting Zero-day Vulnerabilities

North Korean Hackers Exploiting Zero-day Vulnerabilities

November 28, 2023

Recent Posts

ID Theft Service Resold Access to USInfoSearch Data – Krebs on Security

ID Theft Service Resold Access to USInfoSearch Data – Krebs on Security

November 28, 2023
Staying safe when shopping online this holiday season

Staying safe when shopping online this holiday season

November 28, 2023
This Week in Fintech: TFT Bi-Weekly News Roundup 08/02

This Week in Fintech: TFT Bi-Weekly News Roundup 28/11

November 28, 2023

Categories

  • Cyber Threats
  • Cybersecurity
  • Fintech
  • Hacking
  • Internet Of Things
  • LetsAskBinuBlogs
  • Malware
  • Networking
  • Protection

Tags

Access attack Attacks banking BiWeekly bug Cisco cloud code critical Cyber Cybersecurity Data Digital exploited financial Fintech Flaw flaws Google Group Hackers Krebs Latest launches malware Microsoft million Network News open patches platform Ransomware RoundUp security Software Stories TFT Threat Top vulnerabilities vulnerability warns Week

© 2022 Lets Ask Binu All Rights Reserved

No Result
View All Result
  • Home
  • Cybersecurity
  • Cyber Threats
  • Hacking
  • Protection
  • Networking
  • Malware
  • Fintech
  • Internet Of Things

© 2022 Lets Ask Binu All Rights Reserved