NAS vulnerabilities
'Mirai-like' botnet observed attacking EOL Zyxel NAS devices
https://www.theregister.com/2024/06/24/mirailike_botnet_zyxel_nas/
Seems like as good a time as any to upgrade older hardware
Just stumbled across this (overly dramatic?) article and thought I'd just post it here...
It's more to act as a reminder that if you've got a NAS that is serving content to the interwebs, then make sure it's behind a proxy of some kind to prevent weaknesses (ie in the management Web UI) being exposed.
Obvz, this article is pointing to Zyxel, but it could be your DIY home-built NAS with Cockpit: CVE-2024-2947 - just an example, not bashing that project at all.
I've used Squid and HAProxy over the years (mostly on my pfSense box) - but I'd be interested to know if there's other options that I've not heard of