fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

QNAP Warns Customers Of Recent Wave Of Ransomware Attacks

QNAP Warns Customers Of Recent Wave Of Ransomware Attacks

QNAP has issued an advisory about a recent wave of ransomware attacks targeting its NAS storage devices and encrypting files.

Last week, BleepingComputer broke the story of ransomware known as AgeLocker attacking publicly exposed QNAP NAS devices.

AgeLocker ransom note

The ransomware gets its name from its use of the encryption algorithm called Actually Good Encryption (AGE) when encrypting files.

At the time of our reporting, it was not known how the attackers were gaining access to QNAP devices, but a new security advisory by QNAP indicates that the attackers are targeting older vulnerable versions of Photo Station.

Also Read: Personal Data Websites: 3 Things That You Must Be Informed

“QNAP Product Security Incident Response Team (PSIRT) has found evidence that the ransomware may attack earlier versions of Photo Station. We are thoroughly investigating the case and will release more information as soon as possible,” QNAP stated in an advisory.

Photo Station is a built-in application that allows users to upload photos to their NAS device, create albums, and remotely view them.

QNAP had previously warned of another ransomware called eCh0raix that also targeted vulnerabilities in the app.

How to secure your QNAP device

To secure your NAS device, QNAP advises all owners to upgrade to the latest QTS version and update all installed applications, especially Photo Station.

To install the latest QTS update, you can perform the following steps:

  1. Log on to QTS as an administrator.
  2. Go to Control Panel > System > Firmware Update.
  3. Under Live Update, click Check for Update.
    QTS downloads and installs the latest available update.

You can also manually update the QTS firmware by going to Support > Download Center and downloading the manual update for your specific device.

To update all the apps on your QNAP devices, please follow these steps:

  1. Log on to QTS as an administrator.
  2. Go to App Center.
  3. Select My Apps
  4. Beside Install Updates, click All.
    A confirmation message appears.
  5. Click OK.
    QTS updates all your installed applications to their latest versions.

In addition to QNAP’s suggestions, it is also suggested that you do not expose the QTS Administration page or QTS applications to the Internet.

If an attacker cannot gain access to these pages, they will not be able to exploit any known vulnerabilities to gain access to your device.

Also Read: 5 Assessment Tools To Find The Right Professional Fit

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us