Infosec is, at it’s heart, all about that data. Obtaining access to it (or disrupting access to it) is in every ransomware gang and APT group’s top-10 to-do-list items, and so it makes sense that our research voyage would, at some point, cross paths with products intended to manage - and safeguard - this precious resource.

QNAP has released patches for a dozen vulnerabilities in its products, including several high-severity flaws.

A Mirai-based botnet named 'InfectedSlurs' is exploiting a remote code execution (RCE) vulnerability in QNAP VioStor NVR (Network Video Recorder) devices to hijack and make them part of its DDoS (distributed denial of service) swarm.
#Actively #Botnet #Computer #Exploited #FXC #InfectedSlurs #InfoSec #Malware #QNAP #Router #Security #Vulnerability

A new ransomware operation is hacking Zimbra servers to steal emails and encrypt files. However, instead of demanding a ransom payment, the threat actors claim to require a donation to charity to provide an encryptor and prevent data leaking.

The Record by Recorded Future gives exclusive, behind-the-scenes access to leaders, policymakers, researchers, and the shadows of the cyber underground.

Raspberry Robin is a worm spread by external drives that leverages Windows Installer to download a malicious DLL.

Taiwan-based network-attached storage (NAS) maker QNAP warned on Tuesday that most of its NAS devices are impacted by a high severity OpenSSL bug disclosed two weeks ago.

Attackers can exploit the vulnerability, tracked as CVE-2022-0778, to trigger a denial of service state and remotely crash unpatched devices.

A new DeadBolt ransomware group is encrypting QNAP NAS devices worldwide using what they claim is a zero-day vulnerability in the device's software.