Search cyberveille.decio.ch

QNAPping At The Wheel (CVE-2024-27130 and friends)

Infosec is, at it’s heart, all about that data. Obtaining access to it (or disrupting access to it) is in every ransomware gang and APT group’s top-10 to-do-list items, and so it makes sense that our research voyage would, at some point, cross paths with products intended to manage - and safeguard - this precious resource.

#watchtowr #EN #2024 #CVE-2024-27130 #QNAPping #QNAP #NAS #IoT #vulnerability

·labs.watchtowr.com·May 20, 2024

QNAPping At The Wheel (CVE-2024-27130 and friends)

QNAP warns severe OpenSSL bug affects most of its NAS devices

Taiwan-based network-attached storage (NAS) maker QNAP warned on Tuesday that most of its NAS devices are impacted by a high severity OpenSSL bug disclosed two weeks ago. Attackers can exploit the vulnerability, tracked as CVE-2022-0778, to trigger a denial of service state and remotely crash unpatched devices.

#QNAP #bleepingcomputer #EN #2022 #OpenSSL #bug #CVE-2022-0778 #NAS

·bleepingcomputer.com·Mar 31, 2022

QNAP warns severe OpenSSL bug affects most of its NAS devices

New DeadBolt ransomware targets QNAP devices, asks 50 BTC for master key

A new DeadBolt ransomware group is encrypting QNAP NAS devices worldwide using what they claim is a zero-day vulnerability in the device's software.

#DeadBolt #NAS #QNAP #Ransomware #EN #bleepingcomputer #0-day #2022

·bleepingcomputer.com·Feb 15, 2022

New DeadBolt ransomware targets QNAP devices, asks 50 BTC for master key

+92,000 Internet-facing D-Link NAS devices can be easily hacked

A researcher disclosed an arbitrary command injection and hardcoded backdoor issue in multiple end-of-life D-Link NAS models.

#securityaffairs #EN #2024 #D-Link #NAS #devices #backdoor

·securityaffairs.com·Apr 7, 2024

+92,000 Internet-facing D-Link NAS devices can be easily hacked

Over 92,000 exposed D-Link NAS devices have a backdoor account

A threat researcher has disclosed a new arbitrary command injection and hardcoded backdoor flaw in multiple end-of-life D-Link Network Attached Storage (NAS) device models.

#bleepingcomputer #En #2024 #Backdoor #Command-Injection #D-Link #EOL #NAS #Remote-Code-Execution #Vulnerability

·bleepingcomputer.com·Apr 6, 2024

Over 92,000 exposed D-Link NAS devices have a backdoor account

QNAP warns severe OpenSSL bug affects most of its NAS devices

Taiwan-based network-attached storage (NAS) maker QNAP warned on Tuesday that most of its NAS devices are impacted by a high severity OpenSSL bug disclosed two weeks ago. Attackers can exploit the vulnerability, tracked as CVE-2022-0778, to trigger a denial of service state and remotely crash unpatched devices.

#QNAP #bleepingcomputer #EN #2022 #OpenSSL #bug #CVE-2022-0778 #NAS

·bleepingcomputer.com·Mar 31, 2022

QNAP warns severe OpenSSL bug affects most of its NAS devices

New DeadBolt ransomware targets QNAP devices, asks 50 BTC for master key

A new DeadBolt ransomware group is encrypting QNAP NAS devices worldwide using what they claim is a zero-day vulnerability in the device's software.

#DeadBolt #NAS #QNAP #Ransomware #EN #bleepingcomputer #0-day #2022

·bleepingcomputer.com·Feb 15, 2022

New DeadBolt ransomware targets QNAP devices, asks 50 BTC for master key

QNAP warns severe OpenSSL bug affects most of its NAS devices

Taiwan-based network-attached storage (NAS) maker QNAP warned on Tuesday that most of its NAS devices are impacted by a high severity OpenSSL bug disclosed two weeks ago. Attackers can exploit the vulnerability, tracked as CVE-2022-0778, to trigger a denial of service state and remotely crash unpatched devices.

#QNAP #bleepingcomputer #EN #2022 #OpenSSL #bug #CVE-2022-0778 #NAS

·bleepingcomputer.com·Mar 31, 2022

QNAP warns severe OpenSSL bug affects most of its NAS devices

New DeadBolt ransomware targets QNAP devices, asks 50 BTC for master key

A new DeadBolt ransomware group is encrypting QNAP NAS devices worldwide using what they claim is a zero-day vulnerability in the device's software.

#DeadBolt #NAS #QNAP #Ransomware #EN #bleepingcomputer #0-day #2022

·bleepingcomputer.com·Feb 15, 2022

New DeadBolt ransomware targets QNAP devices, asks 50 BTC for master key

QNAP warns severe OpenSSL bug affects most of its NAS devices

Taiwan-based network-attached storage (NAS) maker QNAP warned on Tuesday that most of its NAS devices are impacted by a high severity OpenSSL bug disclosed two weeks ago. Attackers can exploit the vulnerability, tracked as CVE-2022-0778, to trigger a denial of service state and remotely crash unpatched devices.

#QNAP #bleepingcomputer #EN #2022 #OpenSSL #bug #CVE-2022-0778 #NAS

·bleepingcomputer.com·Mar 31, 2022

QNAP warns severe OpenSSL bug affects most of its NAS devices

New DeadBolt ransomware targets QNAP devices, asks 50 BTC for master key

A new DeadBolt ransomware group is encrypting QNAP NAS devices worldwide using what they claim is a zero-day vulnerability in the device's software.

#DeadBolt #NAS #QNAP #Ransomware #EN #bleepingcomputer #0-day #2022

·bleepingcomputer.com·Feb 15, 2022

New DeadBolt ransomware targets QNAP devices, asks 50 BTC for master key

QNAP warns severe OpenSSL bug affects most of its NAS devices

Taiwan-based network-attached storage (NAS) maker QNAP warned on Tuesday that most of its NAS devices are impacted by a high severity OpenSSL bug disclosed two weeks ago. Attackers can exploit the vulnerability, tracked as CVE-2022-0778, to trigger a denial of service state and remotely crash unpatched devices.

#QNAP #bleepingcomputer #EN #2022 #OpenSSL #bug #CVE-2022-0778 #NAS

·bleepingcomputer.com·Mar 31, 2022

QNAP warns severe OpenSSL bug affects most of its NAS devices

New DeadBolt ransomware targets QNAP devices, asks 50 BTC for master key

A new DeadBolt ransomware group is encrypting QNAP NAS devices worldwide using what they claim is a zero-day vulnerability in the device's software.

#DeadBolt #NAS #QNAP #Ransomware #EN #bleepingcomputer #0-day #2022

·bleepingcomputer.com·Feb 15, 2022

New DeadBolt ransomware targets QNAP devices, asks 50 BTC for master key

Synology NAS DSM Account Takeover: When Random is not Secure

Team82 has uncovered the use of a weak random number generator in Synology’s DiskStation Manager (DSM) Linux-based operating system running on the company’s network-attached storage (NAS) products The insecure Math.random() method was used to generate the password of the admin password for the NAS device itself. Under some rare conditions, an attacker could leak enough information to restore the seed of the pseudorandom number generator (PRNG), reconstruct the admin password, and remotely take over the admin account. * The vulnerability, tracked as CVE-2023-2729, has been addressed by Synology. Synology’s advisory is here.

#claroty #team42 #EN #2023 #CVE-2023-2729 #ynology #NAS #DSM #Account #Takeover #random

·claroty.com·Oct 18, 2023

Synology NAS DSM Account Takeover: When Random is not Secure

QNAP warns severe OpenSSL bug affects most of its NAS devices

Taiwan-based network-attached storage (NAS) maker QNAP warned on Tuesday that most of its NAS devices are impacted by a high severity OpenSSL bug disclosed two weeks ago. Attackers can exploit the vulnerability, tracked as CVE-2022-0778, to trigger a denial of service state and remotely crash unpatched devices.

#QNAP #bleepingcomputer #EN #2022 #OpenSSL #bug #CVE-2022-0778 #NAS

·bleepingcomputer.com·Mar 31, 2022

QNAP warns severe OpenSSL bug affects most of its NAS devices

New DeadBolt ransomware targets QNAP devices, asks 50 BTC for master key

A new DeadBolt ransomware group is encrypting QNAP NAS devices worldwide using what they claim is a zero-day vulnerability in the device's software.

#DeadBolt #NAS #QNAP #Ransomware #EN #bleepingcomputer #0-day #2022

·bleepingcomputer.com·Feb 15, 2022

New DeadBolt ransomware targets QNAP devices, asks 50 BTC for master key

QNAP warns of zero-day vulnerability in latest DeadBolt ransomware campaign

The Record by Recorded Future gives exclusive, behind-the-scenes access to leaders, policymakers, researchers, and the shadows of the cyber underground.

#therecord #EN #2022 #QNAP #DeadBolt #ransomware #NAS

·therecord.media·Sep 7, 2022

QNAP warns of zero-day vulnerability in latest DeadBolt ransomware campaign

QNAP warns severe OpenSSL bug affects most of its NAS devices

Taiwan-based network-attached storage (NAS) maker QNAP warned on Tuesday that most of its NAS devices are impacted by a high severity OpenSSL bug disclosed two weeks ago. Attackers can exploit the vulnerability, tracked as CVE-2022-0778, to trigger a denial of service state and remotely crash unpatched devices.

#QNAP #bleepingcomputer #EN #2022 #OpenSSL #bug #CVE-2022-0778 #NAS

·bleepingcomputer.com·Mar 31, 2022

QNAP warns severe OpenSSL bug affects most of its NAS devices

New DeadBolt ransomware targets QNAP devices, asks 50 BTC for master key

A new DeadBolt ransomware group is encrypting QNAP NAS devices worldwide using what they claim is a zero-day vulnerability in the device's software.

#DeadBolt #NAS #QNAP #Ransomware #EN #bleepingcomputer #0-day #2022

·bleepingcomputer.com·Feb 15, 2022

New DeadBolt ransomware targets QNAP devices, asks 50 BTC for master key

QNAP warns of zero-day vulnerability in latest DeadBolt ransomware campaign

The Record by Recorded Future gives exclusive, behind-the-scenes access to leaders, policymakers, researchers, and the shadows of the cyber underground.

#therecord #EN #2022 #QNAP #DeadBolt #ransomware #NAS

·therecord.media·Sep 7, 2022

QNAP warns of zero-day vulnerability in latest DeadBolt ransomware campaign

QNAP warns severe OpenSSL bug affects most of its NAS devices

Taiwan-based network-attached storage (NAS) maker QNAP warned on Tuesday that most of its NAS devices are impacted by a high severity OpenSSL bug disclosed two weeks ago. Attackers can exploit the vulnerability, tracked as CVE-2022-0778, to trigger a denial of service state and remotely crash unpatched devices.

#QNAP #bleepingcomputer #EN #2022 #OpenSSL #bug #CVE-2022-0778 #NAS

·bleepingcomputer.com·Mar 31, 2022

QNAP warns severe OpenSSL bug affects most of its NAS devices

New DeadBolt ransomware targets QNAP devices, asks 50 BTC for master key

A new DeadBolt ransomware group is encrypting QNAP NAS devices worldwide using what they claim is a zero-day vulnerability in the device's software.

#DeadBolt #NAS #QNAP #Ransomware #EN #bleepingcomputer #0-day #2022

·bleepingcomputer.com·Feb 15, 2022

New DeadBolt ransomware targets QNAP devices, asks 50 BTC for master key

QNAP warns severe OpenSSL bug affects most of its NAS devices

Taiwan-based network-attached storage (NAS) maker QNAP warned on Tuesday that most of its NAS devices are impacted by a high severity OpenSSL bug disclosed two weeks ago. Attackers can exploit the vulnerability, tracked as CVE-2022-0778, to trigger a denial of service state and remotely crash unpatched devices.

#QNAP #bleepingcomputer #EN #2022 #OpenSSL #bug #CVE-2022-0778 #NAS

·bleepingcomputer.com·Mar 31, 2022

QNAP warns severe OpenSSL bug affects most of its NAS devices

New DeadBolt ransomware targets QNAP devices, asks 50 BTC for master key

A new DeadBolt ransomware group is encrypting QNAP NAS devices worldwide using what they claim is a zero-day vulnerability in the device's software.

#DeadBolt #NAS #QNAP #Ransomware #EN #bleepingcomputer #0-day #2022

·bleepingcomputer.com·Feb 15, 2022

New DeadBolt ransomware targets QNAP devices, asks 50 BTC for master key