The Cybersecurity and Infrastructure Security Agency (CISA) has added 12 vulnerabilities to its Known Exploited Vulnerabilities Catalog, to include Apple, Chrome, Android OS, D-Link (5), QNAP NAS, MikroTik, Oracle WebLogic, FortiOS and FortiADC flaws.
The FBI, NSA and CISA coauthored a joint Cybersecurity Advisory detailing how People’s Republic of China (PRC) state-sponsored cyber actors continue to exploit publicly known vulnerabilities to gain access to a broad network of compromised infrastructure.
The Cybersecurity and Infrastructure Security Agency (CISA) has added a Critical WatchGuard and two Microsoft Active Directory flaws, along with five other vulnerabilities to its Known Exploited Vulnerabilities Catalog.
The Cybersecurity and Infrastructure Security Agency (CISA) has added 7 vulnerabilities to its Known Exploited Vulnerabilities Catalog. Recent additions include vulnerabilities affecting Trend Micro, Sophos, Windows, QNAP, Dell, and Dasan products.
An advanced persistent threat (APT) campaign dubbed TiltedTemple has been using a “sophisticated tool” and malicious backdoor SockDetour to target U.S. defense contractors.
QNAP and other network storage makers have issued security advisories for OpenSSL remote code execution and denial-of-service (DoS) vulnerabilities that impact its network-attached storage (NAS) devices.
Researchers have discovered a new eCh0raix ransomware variant that targets QNAP and Synology network-attached storage (NAS) devices.
QNAP Systems, Inc. (QNAP) issued a statement strongly urging users to immediately update and run malware scans on QNAP NAS devices after recent reports of ransomware attacks involving Qlocker and eCh0raix.
Security researchers have warned legacy QNAP NAS devices are vulnerable to zero-day cyberattacks. Although QNAP patched two vulnerabilities in recent firmware updates, the company acknowledged patches were not yet available for certain legacy devices.
QNAP has fixed a High severity Command Injection vulnerability CVE-2020-25847 in QTS and QuTS hero.
