Patching QNAP, Microsoft Hacked, and Impersonation Apps
QNAP Patches Flaws
by Artie Kaye
Multiple products from QNAP have been patched. QTS, QuTS hero, QuTScloud, and myQNAPcloud had several critical CVE’s addressed. Those products as well as QuMagie Mobile for Android and specific QNAP OS versions have had medium severity flaws addressed. If you are using QNAP devices and services, updating will help protect your systems from potential threats.
Third-Party references:
Click the links below to learn more details. (Opens in a new tab/window.)
Microsoft Source Code Exfiltrated
by Artie Kaye
Microsoft has confirmed that a Russian hacking group has gained repeated access to their servers and has copied source code. Which specific code is not mentioned. Having access to this information can allow threat actors to find vulnerabilities in the programs. Microsoft has stated that no customer facing portals were compromised, and that only its corporate systems were targeted. This includes email correspondence with customers. The company has increased its security measures since the initial breach and is taking greater steps to protect its systems. Microsoft is offering transparency with regards to this incident and continues to share what it has learned.
Third-Party references:
Click the links below to learn more details. (Opens in a new tab/window.)
Impersonation and Fake Apps
by Artie Kaye
This week, Apple removed a crypto wallet masquerading as an actual brand which was being used to steal cryptocurrency of users. The legitimate product, Leather, is not currently available on Apple products. All app stores have fraudulent programs being offered, and the companies which run them take them down when reported or discovered. Sometimes it takes time for this to happen. Trading apps for crypto and stock are common instances of scam vectors. They handle lots of money and can be liquidated quickly.
When loading any financial app on your phone, verify it is the correct app you are seeking. The number of installs and reviews is a good first indicator: if they’re low, it may not be the right app. Always check the publisher and verify the name listed against the official site of the company or app. The publisher’s website will direct you straight to the official product in most cases.
Third-Party references:
Click the links below to learn more details. (Opens in a new tab/window.)