tldrdaily.news logo
Tag

Nas Devices

All articles tagged with #nas devices

"92,000 D-Link NAS Devices Face Critical Exploitation Threat"
technology1 year ago

"92,000 D-Link NAS Devices Face Critical Exploitation Threat"

D-Link has issued a rip and replace order for its expired NAS devices, which are being actively exploited due to critical security vulnerabilities, including a hardcoded backdoor and a command injection bug. The affected models have reached their end-of-service date and will not receive firmware updates or security patches. Users are advised to retire and replace these devices, as exploit attempts are actively targeting them, potentially leading to unauthorized access and data risk.

via The Register|
#d-link#end-of-service#exploit-attempts
"92,000 D-Link NAS Devices Vulnerable to Critical Exploits"
cybersecurity1 year ago

"92,000 D-Link NAS Devices Vulnerable to Critical Exploits"

Two critical security flaws affecting legacy D-Link NAS devices have left as many as 92,000 devices vulnerable to malware attacks, with threat actors actively exploiting the vulnerabilities to deliver the Mirai botnet malware. D-Link has no plans to release a patch and advises customers to replace the affected devices, while the Shadowserver Foundation recommends taking the devices offline or firewalling remote access to mitigate potential threats. The findings highlight the evolving tactics of threat actors, with malware-initiated scanning attacks increasingly being used to exploit vulnerabilities in target networks.

via The Hacker News|
#cybersecurity#d-link#malware-attacks
"Exploited: Critical Backdoor Security Flaw in 92,000 D-Link NAS Devices"
technology1 year ago

"Exploited: Critical Backdoor Security Flaw in 92,000 D-Link NAS Devices"

Over 92,000 end-of-life D-Link NAS devices are being actively targeted by attackers exploiting a critical remote code execution (RCE) zero-day flaw, resulting from a backdoor and command injection issue. The vulnerability allows threat actors to deploy Mirai malware variants, potentially leading to unauthorized access, data modification, or denial of service. D-Link has stated that these devices are no longer supported and recommends retiring or replacing them, although it's also advised owners to ensure the devices have the latest firmware.

via BleepingComputer|
#cybersecurity#d-link#mirai-malware
"Critical Authentication Bypass Flaw Found in QNAP NAS Devices"
technology2 years ago

"Critical Authentication Bypass Flaw Found in QNAP NAS Devices"

QNAP has warned of critical vulnerabilities in its NAS software products that could allow attackers to access devices, including an authentication bypass flaw that can be executed remotely without authentication. The flaws impact various versions of QNAP's operating systems, and users are recommended to upgrade to specific versions to address the vulnerabilities. NAS devices are often targeted for data theft and extortion, so it's crucial for owners to keep their software updated and avoid exposing these devices to the internet.

via BleepingComputer|
#authentication-bypass#firmware-update#nas-devices
Zyxel addresses critical vulnerabilities in NAS, firewall, and AP devices
technology2 years ago

Zyxel addresses critical vulnerabilities in NAS, firewall, and AP devices

Zyxel has identified multiple critical vulnerabilities in its network-attached storage (NAS) devices, including flaws that could allow unauthorized access and execution of operating system commands. The affected devices are the NAS326 and NAS542 models running specific firmware versions. Users are advised to upgrade their firmware to the recommended versions to mitigate the risks. No mitigation advice or workarounds have been provided, emphasizing the importance of applying the firmware update.

via BleepingComputer|
#firmware-update#nas-devices#security
QNAP Addresses Critical Flaws in QTS OS and Apps, Ensuring NAS Device Security
vulnerability-data-security2 years ago

QNAP Addresses Critical Flaws in QTS OS and Apps, Ensuring NAS Device Security

QNAP has released security updates to address two critical security flaws, CVE-2023-23368 and CVE-2023-23369, that could allow remote attackers to execute commands via a network. The vulnerabilities affect QTS, QuTS hero, QuTScloud, Multimedia Console, and Media Streaming add-on. Users are urged to update to the latest versions to mitigate potential threats, especially considering QNAP devices have been targeted in ransomware attacks in the past.

via The Hacker News|
#command-injection#nas-devices#patch