Search the Community
Showing results for tags 'nas'.
mood posted a topic in Security & Privacy NewsLegacy QNAP NAS Devices Vulnerable to Zero-Day Attack Some legacy models of QNAP network attached storage devices are vulnerable to remote unauthenticated attacks because of two unpatched vulnerabilities. Two critical zero-day bugs affect legacy QNAP Systems storage hardware, and expose devices to remote unauthenticated attackers. The bugs, tracked as CVE-2020-25099 and CVE-2021-36195, impact QNAP’s model TS-231 network attached storage (NAS) hardware, allowing an attacker to manipulate stored data and hijack the device. The vul
Zerologon is now affecting NAS devices Your network-attached storage could be at risk (Image credit: Shutterstock) Some network-attached storage (NAS) devices could be vulnerable to the Windows Zerologon security flaw, according to NAS manufacturer QNAP. Attackers could exploit the bug to bypass security measures remotely. NAS devices running a vulnerable version of the QTS operating system are deemed to be at risk. In addition, NAS devices must be configured as a Windows domain controller to be exploited by a threat act
Zyxel Fixes 0day in Network Storage Devices Patch comes amid active exploitation by ransomware gangs Networking hardware vendor Zyxel today released an update to fix a critical flaw in many of its network attached storage (NAS) devices that can be used to remotely commandeer them. The patch comes 12 days after KrebsOnSecurity alerted the company that precise instructions for exploiting the vulnerability were being sold for $20,000 in the cybercrime underground. Based in Taiwan, Zyxel Communications Corp. (a.k.a “ZyXEL”) is a maker of networking devices, includin
straycat19 posted a topic in Security & Privacy NewsA vulnerability in legacy Iomega and LenovoEMC network-attached storage (NAS) devices has led to many terabytes of potentially sensitive data being accessible to anyone via the Internet. About Iomega and LenovoEMC Iomega Corporation was acquired in 2008 by EMC. In 2013, Iomega became LenovoEMC – a joint venture between Lenovo and EMC Corporation – and Iomega’s products were rebranded under the new name. Iomega’s and LenovoEMC’s storage products were aimed at small and medium-sized businesses. About the vulnerability (CVE-2019-6160) CVE-2019-6160