SecurityWeek reports that QNAP network-attached storage devices are being targeted by a new wave of Deadbolt ransomware attacks, which were initially discovered on Saturday.
"QNAP Systems, Inc. today detected the security threat Deadbolt leveraging exploitation of Photo Station vulnerability to encrypt QNAP NAS that are directly connected to the internet," said QNAP, which has already issued patches in Photo Station versions 5.2.14, 5.4.15, 5.7.18, 6.0.22, and 6.1.2. QNAP also recommended the use of QuMagie for photo management instead of Photo Station.
Moreover, users have been discouraged from directly connecting their NAS devices to the internet to curb attack risk.
"We recommend users to make use of the myQNAPcloud Link feature provided by QNAP, or enable the VPN service. This can effectively harden the NAS and decrease the chance of being attacked," said QNAP, which urged the immediate application of provided updates, as well as the use of robust passwords and data backups.
Officials at the City of Augusta, Georgia, have been noted by Mayor Garnett Johnson to have not communicated with the BlackByte ransomware operation that took credit for a cyberattack against the city that commenced on May 21, according to The Record, a news site by cybersecurity firm Recorded Future.
Attacks exploiting a zero-day in the MOVEit Transfer file transfer app to compromise various servers and facilitate data exfiltration efforts have been admitted by the Clop ransomware operation, also known as Lace Tempest, TA505, and FIN11, after the intrusions have been attributed to the group by Microsoft, reports BleepingComputer.