QNAP Ransomware Alert, 28 April

Wed, 28 April 21

What is happening:

QNAP has reported a global ransomware attack targeting unpatched devices. It is reported that attackers are targeting CVE-2020-36195, a SQL injection vulnerability. Please ensure all QNAP devices are appropriately protected. - Keep all software up to date and apply patches when they are available. Restrict access to local networks or UCD's VPN if external access is required.

Further details are available at https://www.bleepingcomputer.com/news/security/massive-qlocker-ransomware-attack-uses-7zip-to-encrypt-qnap-devices/

When is it happening:

Wednesday, 28 April.

Who will this affect:

QNAP devices.