{"id":44899,"date":"2022-01-20T00:00:00","date_gmt":"2022-01-20T00:00:00","guid":{"rendered":"urn:uuid:7b5792d2-3e4d-f148-fa5d-d61467c8ae14"},"modified":"2022-01-20T00:00:00","modified_gmt":"2022-01-20T00:00:00","slug":"defending-users-nas-devices-from-evolving-threats","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/defending-users-nas-devices-from-evolving-threats\/","title":{"rendered":"Defending Users\u2019 NAS Devices From Evolving Threats"},"content":{"rendered":"<p><img decoding=\"async\" src=\"https:\/\/www.trendmicro.com\/content\/dam\/trendmicro\/global\/en\/research\/22\/a\/defending-users-nas-devices-from-evolving-threats\/cover-defending-users-nas-from-evolving-threats.jpg\"><!-- OneTrust Cookies Consent Notice start for trendmicro.com --><!-- OneTrust Cookies Consent Notice end for trendmicro.com --> <!-- Begin mPulse library --> <!-- END mPulse library --> <head> <meta charset=\"UTF-8\"> <meta name=\"viewport\" content=\"width=device-width\"> <meta name=\"description\"> <meta name=\"robots\" content=\"index,follow\"> <meta name=\"keywords\" content=\"malware,cyber crime,exploits &amp; vulnerabilities,smart home,cyber threats,apt &amp; targeted attacks,endpoints,iot,ransomware,articles, news, reports\"> <meta http-equiv=\"X-UA-Compatible\" content=\"IE=edge,chrome=1\"> <meta name=\"template\" content=\"article1withouthero\"> <meta property=\"article:published_time\" content=\"2022-01-20\"> <meta property=\"article:tag\"> <meta property=\"article:section\"> <link rel=\"icon\" type=\"image\/ico\" href=\"\/content\/dam\/trendmicro\/favicon.ico\"> <link rel=\"canonical\" href=\"https:\/\/www.trendmicro.com\/en_us\/research\/22\/a\/defending-users-NAS-devices-from-evolving-threats.html\"> <title>Defending Users\u2019 NAS Devices From Evolving Threats<\/title> <link href=\"https:\/\/fonts.googleapis.com\/css?family=Open+Sans:300,300i,400,400i,600\" rel=\"stylesheet\">\n<link href=\"\/\/customer.cludo.com\/css\/296\/1798\/cludo-search.min.css\" type=\"text\/css\" rel=\"stylesheet\"> <link rel=\"stylesheet\" href=\"\/etc.clientlibs\/trendresearch\/clientlibs\/clientlib-trendresearch.min.css\" type=\"text\/css\"> <meta property=\"og:url\" content=\"https:\/\/www.trendmicro.com\/en_us\/research\/22\/a\/defending-users-NAS-devices-from-evolving-threats.html\"><br \/>\n<meta property=\"og:title\" content=\"Defending Users\u2019 NAS Devices From Evolving Threats\"><br \/>\n<meta property=\"og:site_name\" content=\"Trend Micro\"><br \/>\n<meta property=\"og:image\" content=\"https:\/\/www.trendmicro.com\/content\/dam\/trendmicro\/global\/en\/research\/22\/a\/defending-users-nas-devices-from-evolving-threats\/cover-defending-users-nas-from-evolving-threats.jpg\"><br \/>\n<meta property=\"og:locale\" content=\"en_US\"> <meta name=\"twitter:card\" content=\"summary_large_image\"><br \/>\n<meta name=\"twitter:site\" content=\"@TrendMicro\"><br \/>\n<meta name=\"twitter:title\" content=\"Defending Users\u2019 NAS Devices From Evolving Threats\"><br \/>\n<meta name=\"twitter:image\" content=\"https:\/\/www.trendmicro.com\/content\/dam\/trendmicro\/global\/en\/research\/22\/a\/defending-users-nas-devices-from-evolving-threats\/cover-defending-users-nas-from-evolving-threats.jpg\"> <\/head> <body class=\"articlepage page basicpage context-business\" id=\"readabilityBody\" readability=\"48.388128814986\"> <!-- Page Scroll: Back to Top --> <a id=\"page-scroll\" title=\"VerticalPageScroll\" href=\"javascript:jumpScroll($(this).scrollTop());\"> <span class=\"icon-chevron-up\"><\/span> <\/a> <!-- \/* Data Layer *\/ --> <\/p>\n<div class=\"root responsivegrid\">\n<div class=\"aem-Grid aem-Grid--12 aem-Grid--default--12 \">\n<div class=\"articleBodyNoHero aem-GridColumn aem-GridColumn--default--12\">\n<div class=\"research-layout article container\" role=\"contentinfo\">\n<article class=\"research-layout--wrapper row\" data-article-pageid=\"1851040839\">\n<div class=\"col-xs-12 col-md-12 one-column\">\n<div class=\"col-xs-12 col-md-12\" readability=\"8.6966292134831\">\n<div class=\"article-details\" role=\"heading\" readability=\"36.719101123596\"> <span class=\"article-details__bar\" role=\"img\"><\/span> <\/p>\n<p class=\"article-details__description\">In our latest research, we analyze the threats targeting well-known brands of network-attached storage (NAS) devices. <\/p>\n<p class=\"article-details__author-by\">By: Stephen Hilt, Fernando Merces <time class=\"article-details__date\">January 20, 2022<\/time> <span>Read time:&nbsp;<\/span><span class=\"eta\"><\/span> (<span class=\"words\"><\/span> words) <\/p>\n<\/p><\/div>\n<\/p><\/div>\n<\/p><\/div>\n<hr class=\"research-layout-divider\"> <main class=\"main--content col-xs-12 col-md-8 col-md-push-2\"> <\/p>\n<div class=\"richText\" readability=\"41.989028213166\">\n<div readability=\"32.081504702194\">\n<p>Threats to the internet of things (IoT) continue to evolve as users and businesses grow increasingly reliant on these tools for constant connectivity, access to information and data, and workflow continuity. Cybercriminals have taken notice of this dependence and now regularly update their known tools and routines to include network-attached storage (NAS) devices to their list of targets, knowing full well that users rely on these devices for storing and backing up files in both modern homes and businesses. More importantly, cybercriminals are aware that these tools hold valuable information and have only minimal security measures.<\/p>\n<p>In our latest research paper, <b>\u201c<a href=\"https:\/\/www.trendmicro.com\/vinfo\/us\/security\/news\/internet-of-things\/reinforcing-nas-security-against-pivoting-threats\" target=\"_blank\" rel=\"noopener\">Backing Your Backup: Defending NAS Devices Against Evolving Threats<\/a>,\u201d<\/b> we studied the current infrastructure, environment, threats, and recommendations for defending systems against current threats targeting NAS devices. To emphasize the importance of mitigating the risks of malware infection and targeted attacks on NAS devices, we analyzed the technical details of two malware families that potentially included NAS devices in their existing business models, the <a href=\"https:\/\/www.trendmicro.com\/vinfo\/tmr\/?\/us\/security\/news\/cybercrime-and-digital-threats\/ransomware-double-extortion-and-beyond-revil-clop-and-conti\">REvil<\/a> ransomware and <a href=\"https:\/\/www.trendmicro.com\/en_us\/research\/21\/l\/the-evolution-of-iot-linux-malware-based-on-mitre-att&amp;ck-ttps.html\">StealthWorker<\/a> botnets.<\/p>\n<p><span class=\"body-subhead-title\">REvil<\/span><\/p>\n<p>While the disappearance of REvil (aka Sodinokibi) in mid-2021 is filled with uncertainty, security researchers have <a href=\"https:\/\/twitter.com\/malwrhunterteam\/status\/1409577829289934851\">found<\/a> a Linux version of the REvil ransomware that they have dubbed as Revix. After analyzing the samples, we found four different versions of the malware, all of which rely on an embedded JavaScript Observed Notation (JSON)-based configuration to set parameters before encrypting files.&nbsp;<\/p>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"image\">\n<figure class=\"image-figure\"> <img decoding=\"async\" src=\"https:\/\/www.trendmicro.com\/content\/dam\/trendmicro\/global\/en\/research\/22\/a\/defending-users-nas-devices-from-evolving-threats\/figure1-defending-nas-devices-from-evolving-threats.png\" alt=\"fig1-defending-users-NAS-devices-from-evolving-threats\"><figcaption>Figure 1. Revix\u2019s JSON-based configuration<\/figcaption><\/figure>\n<\/p><\/div>\n<div>\n<div class=\"richText\" readability=\"34\">\n<div readability=\"13\">\n<p>While some parameters are ignored by the ransomware, these are most important ones that we observed:<\/p>\n<ul>\n<li><span class=\"rte-red-bullet\"><b>pk: <\/b>A 64-byte key<\/span><\/li>\n<li><span class=\"rte-red-bullet\"><b>nbody: <\/b>The ransomware note text-encoded in base64<b><\/b><\/span><\/li>\n<li><span class=\"rte-red-bullet\"><b>nname:<\/b> The ransomware note name<\/span><\/li>\n<li><span class=\"rte-red-bullet\"><b>ext<\/b>: The extension added to encrypted files<\/span><\/li>\n<\/ul>\n<p>After compromising the system, the malicious actors execute it manually on a NAS device to encrypt files and create a ransom note with a unique key per victim.<\/p>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"image\">\n<figure class=\"image-figure\"> <img decoding=\"async\" src=\"https:\/\/www.trendmicro.com\/content\/dam\/trendmicro\/global\/en\/research\/22\/a\/defending-users-nas-devices-from-evolving-threats\/figure2-defending-nas-devices-from-evolving-threats.png\" alt=\"fig2-defending-users-NAS-devices-from-evolving-threats\"><figcaption>Figure 2. Revix encrypting a QNAP NAS device<\/figcaption><\/figure>\n<\/p><\/div>\n<div class=\"image\">\n<figure class=\"image-figure\"> <img decoding=\"async\" src=\"https:\/\/www.trendmicro.com\/content\/dam\/trendmicro\/global\/en\/research\/22\/a\/defending-users-nas-devices-from-evolving-threats\/figure3-defending-nas-devices-from-evolving-threats_.png\" alt=\"fig3-defending-users-NAS-devices-from-evolving-threats\"><figcaption>Figure 3. Revix ransom note <\/figcaption><\/figure>\n<\/p><\/div>\n<div class=\"richText\" readability=\"36.798474945534\">\n<div readability=\"18.89651416122\">\n<p>While the differences between the versions are minor, the group advertised the capability of encrypting NAS devices as early as May 2021 in underground forums. Given the vulnerability of NAS devices that are directly connected to the internet, we can expect a new wave of ransomware attacks affecting these gadgets in the future.<\/p>\n<p><span class=\"body-subhead-title\">StealthWorker<\/span><\/p>\n<p>In 2021, security researchers <a href=\"https:\/\/blog.malwarebytes.com\/threat-analysis\/2019\/02\/new-golang-brute-forcer-discoveredamid-\">found<\/a> brute-force attacks launched from the StealthWorker botnet on Synology NAS devices. We found multiple samples for this botnet and confirmed that newer versions are capable of brute-forcing and compromising servers running on several products and systems such as WooCommerce and WordPress. This botnet is also designed to generally attack any web server using HTTP authentication and other NAS devices like QNAP. Valid credentials found during compromise are then uploaded to the command-and-control (C&amp;C) server, usually at port 5028\/TCP.<\/p>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"image\">\n<figure class=\"image-figure\"> <img decoding=\"async\" src=\"https:\/\/www.trendmicro.com\/content\/dam\/trendmicro\/global\/en\/research\/22\/a\/defending-users-nas-devices-from-evolving-threats\/figure4-defending-nas-devices-from-evolving-threats.png\" alt=\"fig4-defending-users-NAS-devices-from-evolving-threats\"><figcaption>Figure 4. StealthWorker brute-force function targeting QNAP devices<\/figcaption><\/figure>\n<\/p><\/div>\n<div class=\"image\">\n<figure class=\"image-figure\"> <img decoding=\"async\" src=\"https:\/\/www.trendmicro.com\/content\/dam\/trendmicro\/global\/en\/research\/22\/a\/defending-users-nas-devices-from-evolving-threats\/figure5-defending-nas-devices-from-evolving-threats.png\" alt=\"fig5-defending-users-NAS-devices-from-evolving-threats\"><figcaption>Figure 5. Infected Linux device connected to a C&amp;C server<\/figcaption><\/figure>\n<\/p><\/div>\n<div class=\"richText\" readability=\"35.747053490481\">\n<div readability=\"21.081595648232\">\n<p><span class=\"body-subhead-title\">How to protect NAS devices<\/span><\/p>\n<p>Without proper security implemented in NAS devices, users and businesses will continue to be targeted since these tools can be used as entry points for information theft, malware infection, and the disruption of operations, among others. Here are some best practices to protect your systems against threats that leverage the gaps in your NAS devices:<\/p>\n<ul>\n<li><span class=\"rte-red-bullet\">Avoid connecting a NAS device directly to the internet.<\/span><\/li>\n<li><span class=\"rte-red-bullet\">Regularly change the credentials for accessing an NAS device. Never use the preset default credentials that come with the device as these are well-known to malicious actors.<\/span><\/li>\n<li><span class=\"rte-red-bullet\">Enable two-factor authentication (2FA) for additional security.<\/span><\/li>\n<li><span class=\"rte-red-bullet\">Regularly check NAS manufacturers\u2019 online security guides, such as Synology\u2019s recommended <a href=\"https:\/\/kb.synology.com\/en-us\/DSM\/tutorial\/How_to_add_extra_security_to_your_Synology_NAS\">best practices<\/a> and QNAP\u2019s recently released <a href=\"https:\/\/www.qnap.com\/en\/security-news\/2022\/take-immediate-actions-to-secure-qnap-nas\">suggestions<\/a> on how to help defend their devices against additional exposure on the internet.<\/span><\/li>\n<\/ul>\n<p>To find more technical details, threats, insights, and recommendations in protecting your NAS device, download our research <b>\u201c<a href=\"https:\/\/www.trendmicro.com\/vinfo\/us\/security\/news\/internet-of-things\/reinforcing-nas-security-against-pivoting-threats\">Backing Your Backup: Defending NAS Devices Against Evolving Threats<\/a>.\u201d<\/b><\/p>\n<\/p><\/div>\n<\/p><\/div>\n<\/p><\/div>\n<section class=\"tag--list\">\n<p>Tags<\/p>\n<\/section>\n<p> <\/main> <\/article>\n<\/div>\n<\/div><\/div>\n<\/div>\n<p> <!-- \/* Core functionality javascripts, absolute URL to leverage Akamai CDN *\/ --> <!--For Modal-start--> <\/p>\n<p> <span>sXpIBdPeKzI9PC2p0SWMpUSM2NSxWzPyXTMLlbXmYa0R20xk<\/span> <\/p>\n<p> <!--For Modal-end--> <!-- Go to www.addthis.com\/dashboard to customize your tools --> <\/body> Read More <a href=\"https:\/\/www.trendmicro.com\/en_us\/research\/22\/a\/defending-users-NAS-devices-from-evolving-threats.html\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>In our latest research, we analyze the threats targeting well-known brands of network-attached storage (NAS) devices. Read More HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":44900,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[61],"tags":[9546,9510,9521,9511,9508,9555,9514,9513,9539,9597],"class_list":["post-44899","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-trendmicro","tag-trend-micro-research-apttargeted-attacks","tag-trend-micro-research-articles-news-reports","tag-trend-micro-research-cyber-crime","tag-trend-micro-research-cyber-threats","tag-trend-micro-research-endpoints","tag-trend-micro-research-exploitsvulnerabilities","tag-trend-micro-research-iot","tag-trend-micro-research-malware","tag-trend-micro-research-ransomware","tag-trend-micro-research-smart-home"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.6 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Defending Users\u2019 NAS Devices From Evolving Threats 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/defending-users-nas-devices-from-evolving-threats\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Defending Users\u2019 NAS Devices From Evolving Threats 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/defending-users-nas-devices-from-evolving-threats\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2022-01-20T00:00:00+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.trendmicro.com\/content\/dam\/trendmicro\/global\/en\/research\/22\/a\/defending-users-nas-devices-from-evolving-threats\/cover-defending-users-nas-from-evolving-threats.jpg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/defending-users-nas-devices-from-evolving-threats\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/defending-users-nas-devices-from-evolving-threats\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Defending Users\u2019 NAS Devices From Evolving Threats\",\"datePublished\":\"2022-01-20T00:00:00+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/defending-users-nas-devices-from-evolving-threats\\\/\"},\"wordCount\":684,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/defending-users-nas-devices-from-evolving-threats\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2022\\\/01\\\/defending-users-nas-devices-from-evolving-threats.png\",\"keywords\":[\"Trend Micro Research : APT&amp;Targeted Attacks\",\"Trend Micro Research : Articles, News, Reports\",\"Trend Micro Research : Cyber Crime\",\"Trend Micro Research : Cyber Threats\",\"Trend Micro Research : Endpoints\",\"Trend Micro Research : Exploits&amp;Vulnerabilities\",\"Trend Micro Research : IoT\",\"Trend Micro Research : Malware\",\"Trend Micro Research : Ransomware\",\"Trend Micro Research : Smart Home\"],\"articleSection\":[\"TrendMicro\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/defending-users-nas-devices-from-evolving-threats\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/defending-users-nas-devices-from-evolving-threats\\\/\",\"name\":\"Defending Users\u2019 NAS Devices From Evolving Threats 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/defending-users-nas-devices-from-evolving-threats\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/defending-users-nas-devices-from-evolving-threats\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2022\\\/01\\\/defending-users-nas-devices-from-evolving-threats.png\",\"datePublished\":\"2022-01-20T00:00:00+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/defending-users-nas-devices-from-evolving-threats\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/defending-users-nas-devices-from-evolving-threats\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/defending-users-nas-devices-from-evolving-threats\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2022\\\/01\\\/defending-users-nas-devices-from-evolving-threats.png\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2022\\\/01\\\/defending-users-nas-devices-from-evolving-threats.png\",\"width\":480,\"height\":289},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/defending-users-nas-devices-from-evolving-threats\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Trend Micro Research : APT&amp;Targeted Attacks\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/trend-micro-research-apttargeted-attacks\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Defending Users\u2019 NAS Devices From Evolving Threats\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Defending Users\u2019 NAS Devices From Evolving Threats 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/defending-users-nas-devices-from-evolving-threats\/","og_locale":"en_US","og_type":"article","og_title":"Defending Users\u2019 NAS Devices From Evolving Threats 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/defending-users-nas-devices-from-evolving-threats\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2022-01-20T00:00:00+00:00","og_image":[{"url":"https:\/\/www.trendmicro.com\/content\/dam\/trendmicro\/global\/en\/research\/22\/a\/defending-users-nas-devices-from-evolving-threats\/cover-defending-users-nas-from-evolving-threats.jpg","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/defending-users-nas-devices-from-evolving-threats\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/defending-users-nas-devices-from-evolving-threats\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Defending Users\u2019 NAS Devices From Evolving Threats","datePublished":"2022-01-20T00:00:00+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/defending-users-nas-devices-from-evolving-threats\/"},"wordCount":684,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/defending-users-nas-devices-from-evolving-threats\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2022\/01\/defending-users-nas-devices-from-evolving-threats.png","keywords":["Trend Micro Research : APT&amp;Targeted Attacks","Trend Micro Research : Articles, News, Reports","Trend Micro Research : Cyber Crime","Trend Micro Research : Cyber Threats","Trend Micro Research : Endpoints","Trend Micro Research : Exploits&amp;Vulnerabilities","Trend Micro Research : IoT","Trend Micro Research : Malware","Trend Micro Research : Ransomware","Trend Micro Research : Smart Home"],"articleSection":["TrendMicro"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/defending-users-nas-devices-from-evolving-threats\/","url":"https:\/\/www.threatshub.org\/blog\/defending-users-nas-devices-from-evolving-threats\/","name":"Defending Users\u2019 NAS Devices From Evolving Threats 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/defending-users-nas-devices-from-evolving-threats\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/defending-users-nas-devices-from-evolving-threats\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2022\/01\/defending-users-nas-devices-from-evolving-threats.png","datePublished":"2022-01-20T00:00:00+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/defending-users-nas-devices-from-evolving-threats\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/defending-users-nas-devices-from-evolving-threats\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/defending-users-nas-devices-from-evolving-threats\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2022\/01\/defending-users-nas-devices-from-evolving-threats.png","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2022\/01\/defending-users-nas-devices-from-evolving-threats.png","width":480,"height":289},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/defending-users-nas-devices-from-evolving-threats\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"Trend Micro Research : APT&amp;Targeted Attacks","item":"https:\/\/www.threatshub.org\/blog\/tag\/trend-micro-research-apttargeted-attacks\/"},{"@type":"ListItem","position":3,"name":"Defending Users\u2019 NAS Devices From Evolving Threats"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/44899","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=44899"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/44899\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/44900"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=44899"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=44899"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=44899"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}