[ale] Got QNAP? Time to patch

Scott McBrien smcbrien at gmail.com
Mon Mar 8 19:27:53 EST 2021


QNAP releases updates roughly every month.  If you’re running one with firmware from August 2020, you’re at least 4 releases out of date.

> On Mar 8, 2021, at 7:09 PM, Jim Kinney via Ale <ale at ale.org> wrote:
> 
> I thought that vulnerability number looked suspiciously like the total number of products sold...
> 
>> On March 8, 2021 7:06:15 PM EST, Alex Carver via Ale <ale at ale.org> wrote:
>>> On 2021-03-08 13:30, DJ-Pfulio via Ale wrote:
>>> 
>>> https://www.bleepingcomputer.com/news/security/unpatched-qnap-devices-are-being-hacked-to-mine-cryptocurrency/
>>> 
>>> "All NAS devices with QNAP firmware released before August 2020 are currently vulnerable to these attacks.
>>> The researchers discovered 4,297,426 potentially vulnerable QNAP NAS devices online using the company's 360 Quake cyberspace mapping system."
>> 
>> "All QNAP NAS owners should go through the following checklist to secure 
>> their NAS and check for malware:"
>> 
>> 1. Check device nameplate.
>> 2. If the nameplate says "QNAP", remove from service and replace with 
>> another device not named "QNAP". :)
>> Ale mailing list
>> Ale at ale.org
>> https://mail.ale.org/mailman/listinfo/ale
>> See JOBS, ANNOUNCE and SCHOOLS lists at
>> http://mail.ale.org/mailman/listinfo
> 
> -- 
> Computers amplify human error
> Super computers are really cool_______________________________________________
> Ale mailing list
> Ale at ale.org
> https://mail.ale.org/mailman/listinfo/ale
> See JOBS, ANNOUNCE and SCHOOLS lists at
> http://mail.ale.org/mailman/listinfo
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.ale.org/pipermail/ale/attachments/20210308/e6cb93f0/attachment.html>


More information about the Ale mailing list