Search the Community

Zerologon is now affecting NAS devices Your network-attached storage could be at risk (Image credit: Shutterstock) Some network-attached storage (NAS) devices could be vulnerable to the Windows Zerologon security flaw, according to NAS manufacturer QNAP. Attackers could exploit the bug to bypass security measures remotely. NAS devices running a vulnerable version of the QTS operating system are deemed to be at risk. In addition, NAS devices must be configured as a Windows domain controller to be exploited by a threat act

A vulnerability in legacy Iomega and LenovoEMC network-attached storage (NAS) devices has led to many terabytes of potentially sensitive data being accessible to anyone via the Internet. About Iomega and LenovoEMC Iomega Corporation was acquired in 2008 by EMC. In 2013, Iomega became LenovoEMC – a joint venture between Lenovo and EMC Corporation – and Iomega’s products were rebranded under the new name. Iomega’s and LenovoEMC’s storage products were aimed at small and medium-sized businesses. About the vulnerability (CVE-2019-6160) CVE-2019-6160

Zyxel Fixes 0day in Network Storage Devices Patch comes amid active exploitation by ransomware gangs Networking hardware vendor Zyxel today released an update to fix a critical flaw in many of its network attached storage (NAS) devices that can be used to remotely commandeer them. The patch comes 12 days after KrebsOnSecurity alerted the company that precise instructions for exploiting the vulnerability were being sold for $20,000 in the cybercrime underground. Based in Taiwan, Zyxel Communications Corp. (a.k.a “ZyXEL”) is a maker of networking devices, includin