back to article Chrome bug squashed, QNAP NAS nasty hits, BlueKeep malware spreads, and more

Let's check out some of the more recent security happenings beyond what we've already covered. Chrome bugs cleaned up Anyone running Chrome will want to update and restart their browser in order to make sure they have the latest build, as usual. Google has patched a bunch of flaws including a use-after-free() vulnerability ( …

  1. Pascal Monett Silver badge

    "users and camgirls' email addresses, IP addresses, chat logs, and more"

    With a data trove like that, no payment data was needed. Miscreants will exploit that to extract payment via blackmail.

    One can only hope that the people using the sites were using a throwaway mail account, but the odds of that are likely rather low.

  2. Anonymous Coward
    Anonymous Coward

    Those were the days my friend,.....

    ......a bit after Mary Hopkins sang those words in 1968....say in the 1980's and 1990's....when:

    - My CP/M-80 2.2 install ran without an upgrade from 1982 till around 1988

    - My MS-DOS 3.3 install ran without an upgrade from 1987 till I installed DOS 5.0 in 1991

    So....today i'm running Fedora 31, where Fedora is on a six month release cycle. It was released and installed less than a week ago, and already there are 77 package updates to think about.

    Tell me....is this progress??????

    1. stiine Silver badge

      Re: Those were the days my friend,.....

      No, but it is an indicator of one kind of progress -- in communications. In the early 80's, you CP/M machine probably sat on your desk and could only be access by the person sitting at that desk. Today, the machine on your desk can be, with a properly misconfigured firewall, accessed from anywhere on earth, or at sea, flying through the air, or zipping around the earth in orbit. If you're willing to give up the ability to communicate with any/all of them, then you could re-install Windows XP SP3 and be just fine*.

      * assuming you don't use sneakernet either.

    2. Anonymous Coward
      Anonymous Coward

      Re: Those were the days my friend,.....

      Unless you were running a BBS or something on the DOS or CP/M machines, I very much doubt there were any non-physical attack vectors to worry about. Connectivity is indeed a double-edged sword.

  3. IceC0ld Silver badge

    the QNAP snatch thing

    Last week, authorities in Finland warned of a newly discovered piece of malware targeting QNAP network storage boxes.

    any further news on this, MY NAS has been off for a while as it happens, but back home soon, and will power up, have got the latest updates installed, and that was done only a week or so back

    I have seen the options out there to make safe if it ISN'T hit, as well as the draconian options to clear if it IS :o(

    will be checking through and making sure I am up to date fully

    basic list =

    Update November 01, 12:04 EDT: QNAP says in a security advisory released today that an update for the Malware Remover app will be released as soon as possible to address the QSnatch malware threat.

    QNAP also recommends taking the following measures to avoid infections:

    Update QTS to the latest version.

    Install and update Security Counselor to the latest version.

    Use a stronger admin password.

    Enable IP and account access protection to prevent brute force attacks.

    Disable SSH and Telnet connections if you are not using these services.

    Avoid using default port numbers 443 and 8080.

    from - https://www.bleepingcomputer.com/news/security/qsnatch-malware-infects-thousands-of-nas-devices-steals-credentials/

    my main issue / concern is how to determine whether you are infected ?

    still, only a 6TB set up, could be worse :o)

    1. IceC0ld Silver badge

      Re: the QNAP snatch thing

      further to my above post, QNAP has this on their site

      https://www.qnap.com/en-uk/security-advisory/nas-201911-01?fbclid=IwAR24Oxfe6-d0KhpnJtndnnI9ewrgmoBC_YCmfR5FKEXp0M7xvjQtRBOpl6s

      has ALL the details you may / will need to keep you safe

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019