fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

QNAP: DeadBolt Ransomware Exploits a Bug Patched in December

QNAP: DeadBolt Ransomware Exploits a Bug Patched in December

Taiwan-based network-attached storage (NAS) maker QNAP urges customers to enable firmware auto-updating on their devices to defend against active attacks.

According to the company, the attackers target a vulnerability patched in December, allowing them to run arbitrary code on vulnerable systems.

“Recently the QNAP Product Security Incident Response Team (PSIRT) detected that cybercriminals are taking advantage of a patched vulnerability, described in the QNAP Security Advisory (QSA-21-57), to launch a cyberattack,” the NAS maker said today.

Also Read: Data Anonymisation: Managing Personal Data Protection Risk

“On January 27, 2022, QNAP set the patched versions of system software as ‘Recommended Version.’ If auto update for ‘Recommended Version’ is enabled on your QNAP NAS, the system will automatically update to certain OS version to enhance security and protection of your QNAP NAS, mitigating the attack from criminals.”

You can find more information on the Auto Update feature and how it can be toggled on or off in today’s press release.

DeadBolt ransomware attacks

While the company did not name the threat actors behind these ongoing attacks, the warning comes after a wave of attacks targeting Internet-exposed QNAP devices with DeadBolt ransomware and asking victims to pay 0.03 bitcoins (approximately $1,100) for a decryption key.

It was later revealed that QNAP force installed the update needed to block attackers from exploiting the QSA-21-57 bug after thousands of customers had their data encrypted in DeadBolt attacks.

Also Read: Do Not Call Registry Penalty: Important Tips To Consider

QNAP told BleepingComputer that they forced-installed this update as they believe the threat actors are using the remote code execution vulnerability fixed in the 5.0.0.1891 firmware version and mentioned in today’s announcement.

According to QNAP, the security bug has been addressed in the following versions of QTS and QuTS hero:

  • QTS 5.0.0.1891 build 20211221 and later
  • QTS 4.5.4.1892 build 20211223 and later
  • QuTS hero h5.0.0.1892 build 20211222 and later
  • QuTS hero h4.5.4.1892 build 20211223 and later
  • QuTScloud c5.0.0.1919 build 20220119 and later

However, a customer said in the QNAP forum that they were encrypted even when they had this firmware version installed, indicating that the threat actors are likely exploiting a different vulnerability.

Including the DeadBolt ransomware alert, QNAP issued three warnings in the last 12 months to alert customers of ransomware attacks targeting their Internet-exposed NAS devices.

QNAP previously warned rusers of AgeLocker ransomware attacks in April and eCh0raix ransomware attacks in May.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us