NAS

  • Blog

    How I Avoided an Expensive NAS Upgrade

    Summary Instead of buying a new NAS, you could convert an old desktop into a budget-friendly NAS using spare parts. Use PCIe HBA cards to add more SATA ports for cheap storage expansion. TrueNAS Scale and OpenMediaVault are free alternatives to paid NAS operating systems like Unraid. Sometimes, you need to upgrade your NAS on a budget. I know I’ve…

    Read More »
  • Blog

    Plex Is Ending Support for This Once-Popular NAS Brand

    It’s been two years since Drobo filed for Chapter 7 bankruptcy and stopped providing support for its NAS hardware. Now, Plex says it will end Drobo compatibility following the Plex Media Server 1.41.7 release in Q2 2025. Existing Drobo setups may continue running Plex Media Server, but Plex will not provide updates for Drobo NAS boxes. In other words, your…

    Read More »
  • Blog

    QNAP fixes six Rsync vulnerabilities in NAS backup, recovery app

    QNAP has fixed six rsync vulnerabilities that could let attackers gain remote code execution on unpatched Network Attached Storage (NAS) devices. Rsync is an open-source file synchronization tool that supports direct file syncing via its daemon, SSH transfers via SSH, and incremental transfers that save time and bandwidth. It’s widely used by many backup solutions like Rclone, DeltaCopy, and ChronoSync,…

    Read More »
  • Blog

    Firmware Update Locked QNAP NAS Owners Out of Their Boxes

    A recent update to QNAP’s firmware, version 5.2.2.2950 build 20241114, caused many problems for people with QNAP Network Attached Storage (NAS) devices. Released around November 19th, the update prevented some from accessing their files. A faulty firmware update was supposed to fix some security issues found in QNAP devices. These devices often face cyberattacks, and in February 2023, a serious…

    Read More »
  • Blog

    QNAP addresses critical flaws across NAS, router software

    QNAP has released security bulletins over the weekend, which address multiple vulnerabilities, including three critical severity flaws that users should address as soon as possible. Starting with QNAP Notes Station 3, a note-taking and collaboration application used in the firm’s NAS systems, the following two vulnerabilities impact it: CVE-2024-38643 – Missing authentication for critical functions could allow remote attackers to…

    Read More »
  • Blog

    QNAP pulls buggy QTS firmware causing widespread NAS issues

    ​QNAP has pulled a recently released firmware update after widespread customer reports that it’s breaking connectivity and, in some cases, locking users out of their devices. QTS 5.2.2.2950 build 20241114, the buggy firmware causing these issues, was released this Tuesday for a long list of QTS network-attached storage (NAS) models to patch multiple security vulnerabilities and fix various known issues.…

    Read More »
  • Blog

    Critical bug in EoL D-Link NAS devices now exploited in attacks

    ​Attackers now target a critical severity vulnerability with publicly available exploit code that affects multiple models of end-of-life D-Link network-attached storage (NAS) devices. Tracked as CVE-2024-10914, the command injection vulnerability was found by security researcher Netsecfish, who also shared exploitation details and said that unauthenticated attackers could exploit it to inject arbitrary shell commands by sending malicious HTTP GET requests…

    Read More »
  • Blog

    D-Link won’t fix critical flaw affecting 60,000 older NAS devices

    More than 60,000 D-Link network-attached storage devices that have reached end-of-life are vulnerable to a command injection vulnerability with a publicly available exploit. The flaw, tracked as CVE-2024-10914, has a critical 9.2 severity score and is present in the ‘cgi_user_add’ command where the name parameter is insufficiently sanitized. An unauthenticated attacker could exploit it to inject arbitrary shell commands by sending…

    Read More »
  • Blog

    QNAP fixes NAS backup software zero-day exploited at Pwn2Own

    QNAP has fixed a critical zero-day vulnerability exploited by security researchers on Thursday to hack a TS-464 NAS device during the Pwn2Own Ireland 2024 competition. Tracked as CVE-2024-50388, the security flaw is caused by an OS command injection weakness in HBS 3 Hybrid Backup Sync version 25.1.x, the company’s disaster recovery and data backup solution. “An OS command injection vulnerability…

    Read More »
  • Blog

    How to fix SMB Signing error to access NAS on Windows 11 24H2

    To disable the SMB Signing requirement on Windows 11, open the “Group Policy Editor” and disable the “Microsoft network client: Digitally sign communication (if server agrees)” policy. Alternatively, you can complete this task through Command Prompt and PowerShell. On Windows 11, after installing version 24H2 (2024 Update), you may no longer be able to access your network-attached storage (NAS), and…

    Read More »
Back to top button
close