QNAP removes backdoor account in NAS backup, disaster recovery app

Posted by & filed under Security Alerts.

QNAP has addressed a critical vulnerability allowing attackers to log into QNAP NAS (network-attached storage) devices using hard-coded credentials. The hard-coded credentials vulnerability, tracked as CVE-2021-28799, was found by Taiwan-based ZUSO ART in HBS 3 Hybrid Backup Sync, the company’s disaster recovery and data backup solution. The company says that the security bug is already fixed in the following HBS versions and advises customers to…

Botnet backdoors Microsoft Exchange servers, mines cryptocurrency

Posted by & filed under Security Alerts.

Unpatched Microsoft Exchange servers are being targeted by the Prometei botnet and added to its operators’ army of Monero (XMR) cryptocurrency mining bots. This modular malware can infect both Windows and Linux systems, and it was first spotted last year while using the EternalBlue exploit to spread across compromised networks and enslave vulnerable Windows computers.

Pulse Secure VPN zero-day used to hack Defense Firms and Govt Orgs

Posted by & filed under Security Alerts.

Pulse Secure has shared mitigation measures for a zero-day authentication bypass vulnerability in the Pulse Connect Secure (PCS) SSL VPN appliance that is actively exploited in attacks against organizations worldwide, with a focus on US Defense Industrial Base (DIB) networks. To mitigate the vulnerability, tracked as CVE-2021-22893 (with a maximum 10/10 severity score), Pulse Secure advises customers with gateways running…

SonicWall warns customers to patch 3 zero-days exploited in the wild

Posted by & filed under Security Alerts.

Security hardware manufacturer SonicWall is urging customers to patch a set of three zero-day vulnerabilities affecting both its on-premises and hosted Email Security products. “In at least one known case, these vulnerabilities have been observed to be exploited ‘in the wild,’” SonicWall said in a security advisory published earlier today. The company said it’s “imperative” that organizations using…

Vulnerable Fortinet FortiOS Systems Expose VPN Credentials

Posted by & filed under Security Alerts.

In a joint alert, CISA and the FBI note nation-state actors are scanning for FortiOS vulnerabilities tracked as CVE-2018-13379, CVE-2020-12812 and CVE-2019-5591 for initial attacks. The alert does not disclose details on the threat actors, but it says the agencies have detected a surge in scanning activities for the vulnerabilities since March. The agencies say the…