In the News - Anomali.com

In the News

Dark Reading

July 10, 2019  |  Dark Reading, Jai Vijayan

New Ransomware Targets QNAP’s Network-Attached Storage Devices

Researchers at Anomali have spotted a new ransomware strain that is targeting users of QNAP Systems' network-attached storage (NAS) devices. The operators of the malware appear to be gaining access to the devices either by brute-forcing weak credentials or by exploiting known vulnerabilities in them. However, the exact infection vector...

Bleeping Computer

July 10, 2019  |  Bleeping Computer, Sergiu Gatlan

New eCh0raix Ransomware Brute-Forces QNAP NAS Devices

A new ransomware strain written in Go and dubbed eCh0raix by the Anomali Threat Research Team is being used in the wild to infect and encrypt documents on consumer and enterprise QNAP Network Attached Storage (NAS) devices used for backups and file storage. "The devices appear to...

The Hacker News

July 10, 2019  |  The Hacker News, Mohit Kumar

A New Ransomware Is Targeting Network Attached Storage (NAS) Devices

A new ransomware family has been found targeting Linux-based Network Attached Storage (NAS) devices made by Taiwan-based QNAP Systems and holding users' important data hostage until a ransom is paid, researchers told The Hacker News. Ideal for home and small business, NAS devices are dedicated file storage units connected to...

SC Media

July 10, 2019  |  SC Media, Doug Olenick

New eCh0raix ransomware now hitting QNAP NAS drives

Anomali has unveiled a new ransomware variant that is targeting network attached storage (NAS) devices made by QNAP Systems. The ransomware, dubbed eCh0raix after a line in the code, was first spotted in June when a discussion regarding it appeared in Bleeping Computer’s forums. At this point...

ZDNet

July 10, 2019  |  ZDNet, Danny Palmer

This new ransomware is targeting network attached storage devices

A newly discovered form of ransomware is targeting network storage devices by brute-forcing weak credentials and exploiting known vulnerabilities in their systems. Dubbed eCh0raix after a string of code, the new form of file-locking malware emerged in June and has been detailed by cybersecurity researchers...

CyberWire

July 8, 2019  |  CyberWire

Multiple Chinese Threat Groups Exploiting CVE-2018-0798 Equation Editor Vulnerability Since Late 2018

Anomali has described a Microsoft Office exploit "supply chain" being shared among at least five Chinese groups: Conimes, KeyBoy, Emissary Panda, Rancor, and Temp[dot]Trident. Specifically, they're all working the "Royal Road Rich Text Format (RTF) weaponizer," and using it to exploit CVE-2017-11882 and CVE-2018-0802.

SecurityWeek

July 3, 2019  |  SecurityWeek, Kevin Townsend

Multiple Chinese Groups Share the Same RTF Weaponizer

During an investigation into a possibly shared RTF weaponizer by Indian and Chinese APT groups, researchers have discovered that multiple Chinese groups have updated the weaponizer to exploit the Microsoft Equation Editor (EE) vulnerability CVE-2018-0798. The same weaponizer had previously delivered exploits for EE vulnerabilities CVE-2017-11882 and CVE-201...

ZDNet

June 11, 2019  |  ZDNet, Danny Palmer

This Unusual Windows Malware is Controlled via a P2P Network

A new malware campaign aimed at Windows machines features a novel technique to control the resulting botnet, with the group behind it hiding their communications using a P2P network. Dubbed IPStorm – short for InterPlanetary Storm – by its cyber criminal operators, the campaign was discovered in May. It'...

The Tech Tribune

May 2, 2019  |  The Tech Tribune

2019 Best Tech Startups in Redwood City

The Tech Tribune staff has compiled the very best tech startups in Redwood City, California.

CRN

March 27, 2019  |  CRN, Michael Novinson

10 Hottest Threat Intelligence Platforms In 2019

Here's a look at how companies like Cisco, CrowdStrike, and FireEye use massive quantities of threat data to protect businesses from emerging threats like ransomware, botnets, and zero-day attacks.