A critical “zero-click” vulnerability in Synology NAS software was recently discovered by Rick de Jager, a Dutch security researcher from Midnight Blue, during the Pwn2Own hacking competition in Ireland. The vulnerability lies in Synology’s pre-installed Photos app and the BeePhotos software for BeeStation. A “zero-click” vulnerability means that an attack can occur without user action and without authentication. This allows attackers to gain remote access and take full control of the device. They can even install and run code.
Millions of vulnerable devices
After the discovery, Midnight Blue immediately informed Synology. Within 48 hours, Synology released a patch to fix the problem. Midnight Blue stressed that it is important that users update their devices quickly, as millions of devices are vulnerable. However, Synology devices do not update automatically, so a manual update is required.
NAS systems are a popular target for attacks due to the large amount of personal data they contain. Therefore, it is very important to install updates quickly.