Collaborate Disseminate
Synology has released fixes for an unauthenticated “zero-click” remote code execution flaw (CVE-2024-10443, aka RISK:STATION) affecting its popular DiskStation and BeeStation network attached storage (NAS) devices. About CVE-2024-10443 CVE-… Continue reading Millions of Synology NAS devices vulnerable to zero-click attacks (CVE-2024-10443)
A botnet operated by the Chinese state-sponsored threat actor known as Flax Typhoon has been disrupted by the law enforcement agency and abandoned by the group, FBI Director Chris Wray confirmed on Wednesday. “We executed court-authorized operati… Continue reading FBI forced Flax Typhoon to abandon its botnet
Users of Zyxel network-attached storage (NAS) devices are urged to implement hotfixes addressing a critical and easily exploited command injection vulnerability (CVE-2024-6342). About CVE-2024-6342 Zyxel NAS devices are generally used by small to mediu… Continue reading Zyxel fixes critical command injection flaw in EOL NAS devices (CVE-2024-6342)
Zyxel has released patches for three critical vulnerabilities (CVE-2024-29972, CVE-2024-29973, and CVE-2024-29974) affecting two network-attached storage (NAS) devices that have recently reached end-of-vulnerability-support. About the vulnerabilities T… Continue reading Zyxel patches critical flaws in EOL NAS devices
Critical vulnerabilities in discontinued Zyxel NAS products allow unauthenticated attackers to execute arbitrary code and OS commands.
The post ‘NsaRescueAngel’ Backdoor Account Again Discovered in Zyxel Products appeared first on SecurityW… Continue reading ‘NsaRescueAngel’ Backdoor Account Again Discovered in Zyxel Products
QNAP rolls out patches for multiple vulnerabilities after proof-of-concept exploit published for a remote code execution vulnerability.
The post QNAP Rushes Patch for Code Execution Flaw in NAS Devices appeared first on SecurityWeek.
Continue reading QNAP Rushes Patch for Code Execution Flaw in NAS Devices
Researchers have found 15 vulnerabilities in QNAP’s network attached storage (NAS) devices, and have released a proof-of-concept for one: an unauthenticated stack overflow vulnerability (CVE-2024-27130) that may be leveraged for remote code execu… Continue reading 15 QNAP NAS bugs and one PoC disclosed, update ASAP! (CVE-2024-27130)
By Waqas
A new botnet called Goldoon targets D-Link routers and NAS devices putting them at risk of DDoS attacks and more. Learn how weak credentials leave you vulnerable and how to secure your network. pen_spark
This is a post from HackRead.com Read t… Continue reading New Goldoon Botnet Targeting D-Link Devices by Exploiting 9-Year-Old Flaw
A network-attached storage (NAS) device is a frequent peripheral in home and office networks alike, yet so often these devices come pre-installed with a proprietary OS which does not lend …read more Continue reading Squeeze Another Drive into a Full-Up NAS
Unpatched D-Link NAS device vulnerability CVE-2024-3273, potentially affecting many devices, is being exploited in the wild.
The post Exploitation Attempts Target Unpatched Flaw Affecting Many D-Link NAS Devices appeared first on SecurityWeek.
Continue reading Exploitation Attempts Target Unpatched Flaw Affecting Many D-Link NAS Devices