QNAP Owners; Get Busy Patching Or Get Busy Crying
Qlocker Spreads It’s Net
QNAP owners have had a busy year, with a large number of patches being pushed out to protect against a variety of threats. Their work is not yet done as another wave of patches and mitigation steps need to be applied ASAP, lest they fall afoul of QLocker or eCh0raix. These two ransomware attacks are spreading like wildfire across the net, encrypting entire NAS devices and ransoming your data for 0.01 bitcoins. Even with the plummeting values of cryptocurrency you still shouldn’t reward this type of behaviour. After all, you have at least two good recent backups, right?
The attacks leverage an SQL injection vulnerability, hard coded credentials and a vulnerability with both QTS and QuTS Hero. The patches are out there for you to get and install, something that should be high on owner’s priority lists. Grab the latest updates to all the QNAP software running on your boxes and it is also suggested you use a different port than the default, 8080, to make yourself a little harder to target.
Check out The Register for links to the patches, as well as the full list of suggestions from QNAP.
QNAP has urged its customers to install and run its latest firmware and malware removal tools on their NAS boxes amid a surge in ransomware infections.
More Tech News From Around The Web
- You’ve got it down Pat: Intel boss says 2020 was so strong, a 20% drop in data center sales now is to be expected @ The Register
- Samsung’s New Upcycling Program Allows You To Turn An Old Galaxy Phone Into a New IoT Device @ Slashdot
- University duo thought it would be cool to sneak bad code into Linux as an experiment. Of course, it absolutely backfired @ The Register
- Lego’s Space Shuttle Discovery: No trouble with Hubble, but the stickers will drive a grown man to insanity @ The Register
- Canonical Launches Ubuntu 21.04 ‘Hirsute Hippo’ @ Slashdot
- BMW Pushing Hard For Solid-State Battery Tech; Plans Demo By 2025 @ Hackaday
- Origami… in spaaaaace: Inflatable folded objects discovery brings new meaning to blowing up buildings @ The Register
- Flaws In John Deere’s Website Provides a Map To Customers, Equipment @ Slashdot
shawshank redemption was a great story