Chrome bug squashed, QNAP NAS nasty hits, BlueKeep malware spreads, and more Let's check out some of the more recent security happenings beyond what we've already covered. Chrome bugs cleaned up Anyone running Chrome will want to update and restart their browser in order to make sure they have the latest build, as usual. Google has patched a bunch of flaws including a use-after-free() vulnerability ( …
With a data trove like that, no payment data was needed. Miscreants will exploit that to extract payment via blackmail.
One can only hope that the people using the sites were using a throwaway mail account, but the odds of that are likely rather low.
......a bit after Mary Hopkins sang those words in 1968....say in the 1980's and 1990's....when:
- My CP/M-80 2.2 install ran without an upgrade from 1982 till around 1988
- My MS-DOS 3.3 install ran without an upgrade from 1987 till I installed DOS 5.0 in 1991
So....today i'm running Fedora 31, where Fedora is on a six month release cycle. It was released and installed less than a week ago, and already there are 77 package updates to think about.
Tell me....is this progress??????
No, but it is an indicator of one kind of progress -- in communications. In the early 80's, you CP/M machine probably sat on your desk and could only be access by the person sitting at that desk. Today, the machine on your desk can be, with a properly misconfigured firewall, accessed from anywhere on earth, or at sea, flying through the air, or zipping around the earth in orbit. If you're willing to give up the ability to communicate with any/all of them, then you could re-install Windows XP SP3 and be just fine*.
* assuming you don't use sneakernet either.
Last week, authorities in Finland warned of a newly discovered piece of malware targeting QNAP network storage boxes.
any further news on this, MY NAS has been off for a while as it happens, but back home soon, and will power up, have got the latest updates installed, and that was done only a week or so back
I have seen the options out there to make safe if it ISN'T hit, as well as the draconian options to clear if it IS :o(
will be checking through and making sure I am up to date fully
basic list =
Update November 01, 12:04 EDT: QNAP says in a security advisory released today that an update for the Malware Remover app will be released as soon as possible to address the QSnatch malware threat.
QNAP also recommends taking the following measures to avoid infections:
Update QTS to the latest version.
Install and update Security Counselor to the latest version.
Use a stronger admin password.
Enable IP and account access protection to prevent brute force attacks.
Disable SSH and Telnet connections if you are not using these services.
Avoid using default port numbers 443 and 8080.
from - https://www.bleepingcomputer.com/news/security/qsnatch-malware-infects-thousands-of-nas-devices-steals-credentials/
my main issue / concern is how to determine whether you are infected ?
still, only a 6TB set up, could be worse :o)
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
