Encircle News!

Retro Game Arcade
, , ,

Synology patches critical vulnerabilities, urges users to update devices against zero-click attacks

Efosa Udinmwen

  • Synology patches critical zero-click vulnerabilities in NAS devices
  • Attackers can exploit vulnerabilities without user interaction
  • $260,000 was awarded to researchers for discovering exploits

Synology has recently patched a critical security flaw in its NAS device products which could have allowed hackers to hijack victim units.

The company released two advisories to notify users about patched vulnerabilities in its data storage products, specifically those in Photos for DMS and BeePhotos for BeeStation.

The identified issues, shown off at the recent Pwn2Own Ireland 2024 event, allowed for remote code execution, posing a serious threat as they enabled attackers to take control of affected devices without user interaction.

Critical vulnerabilities revealed

Remote code execution vulnerabilities are especially dangerous as they give attackers the ability to execute arbitrary commands on the device, putting sensitive data at risk.

By addressing these flaws, Synology has ensured users who apply the updates can better protect their devices from potential attacks, as this not only prevents potential remote access, but also reduces the likelihood of ransomware, data theft, and other types of attacks that exploit NAS vulnerabilities.

Devices storing sensitive information are often connected to the internet, therefore they are usually susceptible to attacks. To guard against malicious actors, it is important to employ regular security patches.

Organized by Trend Micro’s Zero Day Initiative (ZDI), Pwn2Own Ireland 2024 awarded over $1 million to white-hat hackers who successfully demonstrated exploits across devices, including NAS systems, cameras, and smart speakers.

Synology was one of the companies with security flaws with its products earning researchers $260,000 in total for their discovered vulnerabilities. The company quickly responded to the competition findings and addressed critical flaws in its products.

Via SecurityWeek

You might also like

https://www.techradar.com/pro/synology-patches-critical-vulnerabilities-urges-users-to-update-devices-against-zero-click-attacks

Leave a Reply

Your email address will not be published. Required fields are marked *

Follow Us

Featured Posts

December 2024
M T W T F S S
 1
2345678
9101112131415
16171819202122
23242526272829
3031  

About Us

Welcome to encircle News! We are a cutting-edge technology news company that is dedicated to bringing you the latest and greatest in everything tech. From automobiles to drones, software to hardware, we’ve got you covered.

At encircle News, we believe that technology is more than just a tool, it’s a way of life. And we’re here to help you stay on top of all the latest trends and developments in this ever-evolving field. We know that technology is constantly changing, and that can be overwhelming, but we’re here to make it easy for you to keep up.

We’re a team of tech enthusiasts who are passionate about everything tech and love to share our knowledge with others. We believe that technology should be accessible to everyone, and we’re here to make sure it is. Our mission is to provide you with fun, engaging, and informative content that helps you to understand and embrace the latest technologies.

From the newest cars on the road to the latest drones taking to the skies, we’ve got you covered. We also dive deep into the world of software and hardware, bringing you the latest updates on everything from operating systems to processors.

So whether you’re a tech enthusiast, a business professional, or just someone who wants to stay up-to-date on the latest advancements in technology, encircle News is the place for you. Join us on this exciting journey and be a part of shaping the future.

Podcasts

TWiT 1010: The Densest State in the US – TikTok Ban, Drones Over Jersey, GM Quits Robotaxis This Week in Tech (Audio)

So You Want to Solve the NJ Drone Mystery? Our Expert Has Some Ideas Infowars Sale to The Onion Rejected by Federal Bankruptcy Judge Federal appeals court declines to temporarily block ban on TikTok, teeing up showdown at SCOTUS over controversial law WordPress parent company must stop blocking WP Engine, judge rules Crypto's Legacy Is Finally Clear Tech Industry and CEOs Curry Favor With Trump Ahead of His Inauguration AI Is Detecting More Breast Cancer Cases, Study Suggests Huge randomized trial of AI boosts discovery — at least for good scientists GM Calls It Quits on Mary Barra's $50 Billion Robotaxi Dream You Can Buy a Car on Amazon Now Host: Leo Laporte Guests: Cathy Gellis, Mike Elgan, and Emily Forlini Download or subscribe to This Week in Tech at https://twit.tv/shows/this-week-in-tech Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit Sponsors: mintmobile.com/twit shopify.com/twit
  1. TWiT 1010: The Densest State in the US – TikTok Ban, Drones Over Jersey, GM Quits Robotaxis
  2. TWiT 1009: Andy Giveth & Bill Taketh Away – Trump's Tech Titans, Crypto Boom, TikTok's US Ban, Intel CEO Exits
  3. TWiT 1008: Internet Legal – Australia's Social Media Ban for Kids, Smart Home Nightmare, Bluesky's Ascent
  4. TWiT 1007: All the Hotdogs in the World – China's "Salt Typhoon" Hack, Google on the Chopping Block, Recall AI
  5. TWiT 1006: Underwater Alien Civilizations – Bluesky Growth, Tyson Vs. Paul, AI Granny