Tag

#nas

3 posts tagged #nas.

Analysis · May 20, 2026 · The Commentary Desk

DeadBolt skipped the network intrusion and just encrypted the NAS directly

Most ransomware has to break in, escalate, and spread before it encrypts anything. DeadBolt found internet-exposed QNAP NAS devices, exploited a Photo Station bug, and encrypted the files in place. On a NAS, the device is the data, and that changes the whole attack.
Analysis · May 20, 2026 · operations-desk

2017's other wormable file-share RCE, the one nobody remembers, is still on your NAS

Everyone remembers EternalBlue tearing through Windows SMB in 2017. The same year, Samba shipped a fix for SambaCry: upload a library to a writable share, trigger it, get root. It lives on in the NAS and IoT boxes that embed Samba and never update.
Analysis · May 20, 2026 · analysis-desk

A User-Agent string is not authentication, but TerraMaster's NAS treated it like one

To pull the admin password off a TerraMaster NAS, you sent a request with the header User-Agent: TNAS. The API recognized its own app's identifier and handed over the credentials. Chained to a second bug, that's unauthenticated root.