QNAP Systems, Inc. (QNAP) issued a statement strongly urging users to immediately update and run malware scans on QNAP NAS devices after recent reports of ransomware attacks involving Qlocker and eCh0raix.
Security researchers have warned legacy QNAP NAS devices are vulnerable to zero-day cyberattacks. Although QNAP patched two vulnerabilities in recent firmware updates, the company acknowledged patches were not yet available for certain legacy devices.
QNAP has fixed a High severity Command Injection vulnerability CVE-2020-25847 in QTS and QuTS hero.
QNAP Systems has patched two access control vulnerabilities that affect QTS Helpdesk software.
Cyber criminals are using QSnatch malware to target vulnerable QNAP Network Attached Storage (NAS) devices.
A security researcher disclosed four vulnerabilities in QNAP PhotoStation and CGI programs. All QNAP network-attached storage (NAS) devices running Photo Station are vulnerable and of those, approximately 450,000 QNAP NAS devices are exposed to the internet.
Trend Micro recently gathered and published new vulnerability scan data on Internet of Things (IoT) devices such as home routers and Wi-Fi devices that could be vulnerable to malware threats such as VPNFilter.
For the past several months, Cisco's Talos security group has been researching a new advanced malware system dubbed "VPNFilter" that has compromised nearly 500,000 networking devices worldwide.