"QNAP Fixes Critical Flaws That Could Lead to Device Takeover"

QNAP has fixed two critical vulnerabilities that could allow attackers to take over its network-attached storage (NAS) devices. The vulnerabilities were contained by Helpdesk, an app built into QNAP's NAS devices that admins could use to send requests for help from the QNAP support team. The app also has a remote support feature to allow remote connections to the device with the owner's permission. QNAP has also brought further attention to the recent rise in ransomware attacks targeting publicly exposed NAS storage devices. This article continues to discuss the two Helpdesk security flaws fixed by QNAP and the recent surge in ransomware attacks against NAS devices. 

Bleeping Computer reports "QNAP Fixes Critical Flaws That Could Lead to Device Takeover"