QNAP and other network storage makers have issued security advisories for OpenSSL remote code execution and denial-of-service (DoS) vulnerabilities that impact its network-attached storage (NAS) devices.
Researchers have discovered a new eCh0raix ransomware variant that targets QNAP and Synology network-attached storage (NAS) devices.
QNAP Systems, Inc. (QNAP) issued a statement strongly urging users to immediately update and run malware scans on QNAP NAS devices after recent reports of ransomware attacks involving Qlocker and eCh0raix.
Security researchers have warned legacy QNAP NAS devices are vulnerable to zero-day cyberattacks. Although QNAP patched two vulnerabilities in recent firmware updates, the company acknowledged patches were not yet available for certain legacy devices.
The National Institute of Standards and Technology (NIST) has issued the NIST SP 800-209 Security Guidelines for Storage Infrastructure.
A security researcher disclosed four vulnerabilities in QNAP PhotoStation and CGI programs. All QNAP network-attached storage (NAS) devices running Photo Station are vulnerable and of those, approximately 450,000 QNAP NAS devices are exposed to the internet.