fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

QNAP Warns Of Windows Zerologon Flaw Affecting Some NAS Devices

QNAP Warns Of Windows Zerologon Flaw Affecting Some NAS Devices

Network-attached storage device maker QNAP warns customers that some NAS storage devices running vulnerable versions of the QTS operating system are exposed to attacks attempting to exploit the critical Windows ZeroLogon (CVE-2020-1472) vulnerability.

“If exploited, this elevation of privilege vulnerability allows remote attackers to bypass security measures via a compromised QTS device on the network,” QNAP explains in a security advisory published on Monday.

“The NAS may be exposed to this vulnerability if users have configured the device as a domain controller in Control Panel > Network & File Services > Win/Mac/NFS > Microsoft Networking.”

While NAS devices aren’t commonly used as a Windows domain controller, some organizations might want to use this feature to allow IT admins to use some NAS models to manage user accounts, authentication, and enforce domain security.

Given that NAS devices can’t be set up as domain controllers if an LDAP server is already running, NAS LDAP servers are by default secured from attacks using ZeroLogon exploits.

Also Read: Top 8 Main PDPA Obligations To Boost And Secure Your Business

QNAP NAS domain controller UI
NAS domain controller UI (QNAP)

Security updates available

The company ‘strongly’ recommends QNAP customers to update the QTS operating system on their NAS devices together with all installed apps to defend against Zerologon attacks.

QNAP says that QTS 2.x and QES are not affected by the CVE-2020-1472 vulnerability and that it has already fixed the issue in these QTS versions:

  • QTS 4.5.1.1456 build 20201015 and later
  • QTS 4.4.3.1439 build 20200925 and later
  • QTS 4.3.6.1446 Build 20200929 and later
  • QTS 4.3.4.1463 build 20201006 and later
  • QTS 4.3.3.1432 build 20201006 and later

To install the latest QTS update users have to go manually update the OS by downloading the update from QNAP’s Download Center or automatically by following this procedure:

  1. Log on to QTS as administrator.
  2. Go to Control Panel > System > Firmware Update.
  3. Under Live Update, click Check for Update.
    QTS downloads and installs the latest available update.

To update all installed applications on their NAS, users have to go through the steps detailed in the advisory.

QNAP recently addressed two critical bugs in the Helpdesk app that could allow attackers to take over unpatched NAS devices and issued another security advisory warning of a recent surge in ransomware attacks targeting publicly exposed NAS devices.

Also Read: Intrusion Into Privacy All About Law And Legal Definition

The Zerologon security vulnerability

ZeroLogon is a critical Windows vulnerability that allows attackers to gain domain administrator privileges and to take control over the entire domain.

Earlier this month, Microsoft has warned that both nation state-backed hackers and financially motivated cybercriminals have already started to use ZeroLogon exploits in their attacks. 

Microsoft first alerted customers of  ZeroLogon being actively exploited in attacks on September 23.

The Iranian-backed MuddyWater cyber-espionage group (also tracked as MERCURY and SeedWorm) also started abusing the flaw beginning with the second half of September.

TA505 (aka Chimborazo), a threat group known for distributing the Dridex banking trojan since 2014 and for being a conduit for the deployment of Clop ransomware in later stages of their attacks, was also spotted by Microsoft exploiting the ZeroLogon vulnerability.

On September 18, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) demanded the Federal Civilian Executive Branch to treat fixing the ZeroLogon flaw as “”an immediate and emergency action.”

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us