QNAP users are again urged to secure their Network Attached Storage (NAS) devices against ransomware attacks targeting their data. In a security advisory QNAP published yesterday, their security discovered AgeLocker ransomware samples in the wild, potentially targeting QNAP devices. NAS device users are warned not to expose their devices on the Internet since it would allow potential attackers to find and gain access to the user’s data. A QNAP spokesman stated that recently compromised NAS devices targeted by AgeLocker were running outdated firmware. AgeLocker ransomware was first spotted in the wild in July 2020 and, since then, it has already targeted QNAP devices in a September 2020 campaign. Last weekend, QNAP owners were once again hit by ransomware in a massive and ongoing campaign by Qlocker ransomware. While at first, QNAP stated that Qlocker exploits an SQL Injection vulnerability (CVE-2020-36195) to encrypt unpatched devices, it was later discovered that it also used hardcoded credentials in the HBS 3 Hybrid Backup Sync app.
Using Microsoft Sentinel to Detect Confluence CVE-2022-26134 Exploitation
By Akshay Rohatgi and Randy Pargman About this Student Research Project Binary Defense’s mission is