#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

DeadBolt | Breaking Cybersecurity News | The Hacker News

QNAP Urges Users to Update NAS Devices to Prevent Deadbolt Ransomware Attacks

QNAP Urges Users to Update NAS Devices to Prevent Deadbolt Ransomware Attacks

May 20, 2022
Taiwanese network-attached storage (NAS) devices maker QNAP on Thursday warned its customers of a fresh wave of DeadBolt ransomware attacks. The intrusions are said to have targeted TS-x51 series and TS-x53 series appliances running on QTS 4.3.6 and QTS 4.4.1, according to its product security incident response team.  "QNAP urges all NAS users to check and update QTS to the latest version as soon as possible, and avoid exposing their NAS to the internet," QNAP  said  in an advisory. This development marks the third time QNAP devices have come under assault from  DeadBolt ransomware  since the start of the year. In late January, as many as 4,988 DeadBolt-infected QNAP devices were identified, prompting the company to release a forced firmware update. A second uptick in new infections was  observed  in mid-March.  DeadBolt attacks are also notable for the fact that they allegedly leverage zero-day flaws in the software to gain remote access and encrypt the systems. A
Warning — Deadbolt Ransomware Targeting ASUSTOR NAS Devices

Warning — Deadbolt Ransomware Targeting ASUSTOR NAS Devices

Feb 24, 2022
ASUSTOR network-attached storage (NAS) devices have become the  latest   victim  of Deadbolt ransomware, less than a month after similar attacks singled out  QNAP NAS appliances . In response to the infections, the company has released firmware updates ( ADM 4.0.4.RQO2 ) to "fix related security issues." The company is also urging users to take the following actions to keep data secure – Change your password Use a strong password Change default HTTP and HTTPS ports. Default ports are 8000 and 8001 respectively Change web server ports (Default ports are 80 and 443) Turn off Terminal/SSH and SFTP services and other services you do not use, and Make regular backups and ensure backups are up to date The attacks primarily affect internet-exposed ASUSTOR NAS models running ADM operating systems including, but not limited to, AS5104T, AS5304T, AS6404T, AS7004T, AS5202T, AS6302T, and AS1104T.  Much like the intrusions targeting QNAP NAS devices, the threat actors claim t
Making Sense of Operational Technology Attacks: The Past, Present, and Future

Making Sense of Operational Technology Attacks: The Past, Present, and Future

Mar 21, 2024Operational Technology / SCADA Security
When you read reports about cyber-attacks affecting operational technology (OT), it's easy to get caught up in the hype and assume every single one is sophisticated. But are OT environments all over the world really besieged by a constant barrage of complex cyber-attacks? Answering that would require breaking down the different types of OT cyber-attacks and then looking back on all the historical attacks to see how those types compare.  The Types of OT Cyber-Attacks Over the past few decades, there has been a growing awareness of the need for improved cybersecurity practices in IT's lesser-known counterpart, OT. In fact, the lines of what constitutes a cyber-attack on OT have never been well defined, and if anything, they have further blurred over time. Therefore, we'd like to begin this post with a discussion around the ways in which cyber-attacks can either target or just simply impact OT, and why it might be important for us to make the distinction going forward. Figure 1 The Pu
QNAP Warns of DeadBolt Ransomware Targeting Internet-Facing NAS Devices

QNAP Warns of DeadBolt Ransomware Targeting Internet-Facing NAS Devices

Jan 28, 2022
Taiwanese company QNAP has warned customers to secure network-attached storage (NAS) appliances and routers against a new ransomware variant called DeadBolt . "DeadBolt has been widely targeting all NAS exposed to the Internet without any protection and encrypting users' data for Bitcoin ransom," the company  said . "QNAP urges all QNAP NAS users to […] immediately update QTS to the latest available version." A query on IoT search engine Censys shows that at least 3,687 devices have been encrypted by the DeadBolt ransomware so far, with most NAS devices located in the U.S., Taiwan, France, Italy, the U.K., Hong Kong, Germany, the Netherlands, Poland, and South Korea. In addition, QNAP is also urging users to check if their NAS devices are public-facing, and if so, take steps to turn off the port forwarding function of the router and disable the Universal Plug and Play ( UPnP ) function of the QNAP NAS. The advisory comes as  Bleeping Computer  revealed t
cyber security

Automated remediation solutions are crucial for security

websiteWing SecurityShadow IT / SaaS Security
Especially when it comes to securing employees' SaaS usage, don't settle for a longer to-do list. Auto-remediation is key to achieving SaaS security.
Cybersecurity Resources