The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional". The cookie is used to store the user consent for the cookies in the category "Analytics".
This cookie is set by GDPR Cookie Consent plugin. These cookies ensure basic functionalities and security features of the website, anonymously. Necessary cookies are absolutely essential for the website to function properly.
Successful ransomware attacks were connected by some users at the time to improperly protected Internet-exposed devices.
Before Christmas, a rise in eCh0raix (or QNAPCrypt) ransomware assaults leveraging an undisclosed attack vector prompted the alert.
Disable the QNAP NAS’s UPnP function: On the QTS menu, go to myQNAPcloud, click “Auto Router Configuration,” and uncheck “Enable UPnP Port Forwarding.”ĭisabling SSH and Telnet connections, altering the system port number and device password, and setting IP and account access security are all covered in detail by QNAP. Disable the router’s Port Forwarding function: Check the Virtual Server, NAT, or Port Forwarding options in your router’s management interface, and disable the port forwarding settings for the NAS management service port (port 8080 and 433 by default). According to the company, users should check if their NAS is accessible over the Internet and take the following steps to protect themselves against incoming compromise attempts: In January, QNAP warned consumers to protect their NAS equipment against active ransomware and brute-force attacks. QNAP advises using the router’s VPN function (if available), the myQNAPcloud Link service, and the VPN server on QNAP devices offered by the QVPN Service app or the QuWAN SD-WAN solution as solutions for people who require access to NAS systems without a direct Internet connection. You should disable manual port forwarding and UPnP auto port forwarding for QNAP NAS in your router configuration.” “It is recommended that your QNAP NAS stay behind your router and firewall without a public IP address. Despite its convenience, UPnP may expose your device to public networks and malicious attacks,” QNAP said. “Hackers can abuse UPnP to attack through malicious files to infect your system and gain control. UPnP Port Forwarding enables network devices to connect with one another and form groups for simpler data exchange. 
It also enables them to join and exit networks dynamically, receive IP addresses, advertise their capabilities, and learn about the capabilities of other UPnP devices on the network. UPnP is a collection of unsecured network protocols that facilitate peer-to-peer interactions between devices but lack encryption and authentication. On Monday, QNAP, a Taiwanese hardware company, advised customers to stop Universal Plug and Play (UPnP) port forwarding on their routers to avoid exposing their network-attached storage (NAS) devices to cyberattacks.
0 kommentar(er)
