Qnap uses linux so less relevant. though if you run virtual os with windows... hm?'Biggest ransomware outbreak in history' hits nearly 100 countries with data held for ransom
Anyway seems to be big news atm :X seems theres currently a global ransomware problem happening atm which is affecting all versions of windows.
One of the main problems is, if any pc is infected, it can potentially infect other pcs on the same network.
Update 8: Microsoft has pushed out hotfixes for WannaCry and older Windows OS.
We also know that some of our customers are running versions of Windows that no longer receive mainstream support. That means those customers will not have received the above mentioned Security Update released in March. Given the potential impact to customers and their businesses, we made the decision to make the Security Update for platforms in custom support only, Windows XP, Windows 8, and Windows Server 2003, broadly available for download (see links below).
if you don't like blocks of text, here is a video summary whats happeningUpdate 7: Microsoft Statement - "Today our engineers added detection and protection against new malicious software known as Ransom:Win32.WannaCrypt. In March, we provided a security update which provides additional protections against this potential attack. Those who are running our free antivirus software and have Windows updates enabled, are protected. We are working with customers to provide additional assistance."
Update 6: FedEx has instructed approximately 80,000 employees, via email, to turn off their computers till Monday while it tries to deal with the WannCry ransomware.
Update 5: FedEx (FDX ) here in the United States has now been impacted by the WannaCry ransomware. FedEx has not determined exactly how it is spreading, but it is. Virtual Machines currently seem to be the most vulnerable on its network. FedEx is currently shutting down its PCs and taking its ESX servers offline as well.
Update 4: In-house HardOCP security experts have reported that the Russian Ministry of the Interior (Police) network has now been taken down by WannyCry ransomware.
Update 3: Microsoft pushed out a Security Bulletin MS12-010-Critical server patch in March as reported by the BBC, but many have not yet updated the vulnerable systems.
Update 2: HardOCP in-house security experts have verified that the WannaCry ransomware attack is being conducted using Eternal Blue. Eternal Blue was an exploitation tool released in Vault 7, the NSA tool dump from WikiLeaks. You can use this page to watch the current infection rate worldwide after you click connect.
Update: HardOCP in-house security experts have verified that the WannaCry ransomware is using a remote command execution vulnerability through Server Message Block (SMB).
While the outbreak was at first mainly located in Spain, it has quickly spread worldwide. It would be good for our System Admin readers to be very aware of this as it seems to be a very nasty strain of ransomware. Microsoft issued a patch for this on March 14th.
[youtube=]GtWTWe4Ao8w[/youtube]
if your a newbie, here is a video intro what ransomware is and why you should be wary of it
[youtube=]shDgBHUXnr8[/youtube]
You can read the full story here
https://www.hardocp.com/news/2017/05/12 ... e_vigilant
http://www.abc.net.au/news/2017-05-13/b ... ns/8523102
in qnap related news, they reminded about updating firmware to latest version with security fixes (as you rightly should).
QNAP Security Advisory and Malware Remover Update Notice
Taipei, Taiwan, May 12, 2017 - QNAP® Systems, Inc. is committed to the protection of the privacy and data security of our users. The QNAP Cyber Security Team actively and regularly performs security checks on all QNAP NAS systems and recently identified an attack that possibly exploits known vulnerabilities in earlier QTS versions. Malware can then be downloaded and executed, which in turn installs a QTS 4.2.5 build on the compromised system. This malware may potentially result in unauthorized access to NAS data.
To ensure data security, QNAP strongly recommend that users immediately install Malware Remover 2.1.2 on their QNAP NAS. Malware Remover 2.1.2 can detect and delete malware on your NAS. After running Malware Remover 2.1.2 and confirming the malware is removed from your NAS, update your NAS to the latest version of QTS available for your NAS, and change the passwords for all NAS users. You can learn more about this vulnerability at QNAP Security Bulletins.
https://www.qnap.com/en/support/con_show.php?cid=117
Installing Malware Remover 2.1.2
Log on to QTS as administrator.
Open the App Center and then click the Search icon.
Type “Malware Remover” and then press ENTER. The Malware Remover application appears in the search results list.
Click Install.
About QNAP
QNAP Systems, Inc., as its brand promise "Quality Network Appliance Provider", aims to deliver comprehensive offerings of cutting edge network attached storage (NAS) and network video recorder (NVR) solutions featured with ease-of-use, robust operation, large storage capacity, and trustworthy reliability. QNAP integrates technologies and designs to bring forth quality products that effectively improve business efficiency on file sharing, virtualization applications, storage management and surveillance in the business environments, as well as enrich entertainment life for home users with the offering of a fun multimedia center experience. Headquartered in Taipei, QNAP delivers its solutions to the global market with nonstop innovation and passion.
to weather the current storm, some simple steps you can do
1. update windows asap...
2. update anti virus.... you can refer to the site https://www.av-test.org/en/ to figure out which AV is most effective.
3. update anti malware e.g. malwarebytes, hitman....
4. update your router (especially great with third party routers which are usually fastest with security patches like rt merlin for asus routers)
5. update qnap firmware if you haven't
6. make sure you have backups.... so even if your pc gets ransomware hit, you can format then restore using backup.
7. keep up to date on the tech sites on the ongoing situation for the dos and donts :X at least for the next few days.
8. don't click links from unexpected emails that say their from nigerian prince etc thats how you get infected.
9. for browsing web i'd strongly recommend chrome with gorhill's plugins umatrix and ublock. keeps stuff from getting stored on your hard drive unless you first give the green light. prevents adware and other stuff
PS: this is why we keep backups. If you want to backup your desktop/laptop to QNAP there is apps like Aomei backupper which i tested is able to backup your computer to your qnap without issue there probably other alternative apps/methods to go about it which you can google.
pro tip, if your encrypting your backup, make sure the encryption password key is complex.... the encryption is only as good as your key complexity. If your managing a ton of complex keys then something like keepass to store them then only having to remember 1 complex master key should be manageable (just keep it hidden somewhere )
for windows you probably want to use something like this to keep the analytic junk on silence
https://www.oo-software.com/en/shutup10
also sorry for the noise kek