Source: QNAP warns of critical auth bypass flaw in its NAS devices. The Taiwanese Network Attached Storage (NAS) device maker disclosed three vulnerabilities that can lead to an authentication bypass, command injection, and SQL injection.
The flaws impact various versions of QNAP's operating systems, including QTS 5.1.x, QTS 4.5.x, QuTS hero h5.1.x, QuTS hero h4.5.x, QuTScloud c5.x, and the myQNAPcloud 1.0.x service.
Source: Switzerland: Play ransomware leaked 65,000 government documents. In a new statement published today, the Swiss government confirmed that 65,000 government documents were leaked in the breach.
Supporting Source: Hacker attack on Xplain: National Cyber Security Centre publishes data analysis report.
Relevance of the published data volume.
The data package published on the darknet comprised around 1.3 million files. Once the data had been downloaded, the NCSC took the lead in systematically categorising and triaging all documents relevant to the Federal Administration. The results showed that the volume of data relevant to the Federal Administration comprised around 65,000 documents, or approximately 5% of the total published data set. The majority of these files belonged to Xplain (47,413) with a share of over 70%; around 14% (9,040) belonged to the Federal Administration. Around 95% of the Federal Administration’s files belonged to the administrative units of the Federal Department of Justice and Police (FDJP): the Federal Office of Justice, Federal Office of Police, State Secretariat for Migration and the internal IT service centre ISC-FDJP. With just over 3% of the data, the Federal Department of Defence, Civil Protection and Sport (DDPS) is slightly affected and the other departments are only marginally affected in terms of volume.
Proportion of sensitive data.
Sensitive content such as personal data, technical information, classified information and passwords was found in around half of the Federal Administration's files (5,182). Personal data such as names, email addresses, telephone numbers and postal addresses were found in 4,779 of these files. In addition, 278 files contained technical information such as documentation on IT systems, software requirement documents or architectural descriptions, 121 objects were classified in accordance with the Information Protection Ordinance and 4 objects contained readable passwords.
Xplain filed a criminal complaint after the incident, provided the authorities with all the necessary information and cooperated with them in investigating and limiting the damage. We rebuilt the entire IT infrastructure in accordance with the recommendations of the National Cyber Security Center (NCSC) and replaced the external operators. An external audit of the infrastructure and processes was completed in November. The NCSC subsequently wrote an assessment of the audit. The Federal Council's strategy crisis team on data leaks (PSC-D) took note of the report.
A threat actor is creating fake Skype, Google Meet, and Zoom meetings, mimicking these popular collaboration applications to spread various commodity malware that can steal sensitive data from both Android and Windows users.
Unless otherwise stated, our shows are released under a Creative Commons Attribution-ShareAlike 3.0 Unported (CC BY-SA 3.0) license.