Vendus pour quelques centaines d'euros, ces logiciels malveillants peuvent rapporter plusieurs centaines de milliers d'euros aux pirates informatiques. Néanmoins, la possession seule du rançongiciel ne permet pas aux hackers d'attaquer une entreprise.  [Lire la suite]

Abonnez-vous aux newsletters Numerama pour recevoir l’essentiel de l’actualité https://www.numerama.com/newsletter/

Vendus pour quelques centaines d'euros, ces logiciels malveillants peuvent rapporter plusieurs centaines de milliers d'euros aux pirates informatiques. Néanmoins, la possession seule du rançongiciel ne permet pas aux hackers d'attaquer une entreprise.  [Lire la suite]

Abonnez-vous aux newsletters Numerama pour recevoir l’essentiel de l’actualité https://www.numerama.com/newsletter/

Un rapport détaille l’évolution de la cybercriminalité russe, la sécurité des e-mails et les menaces pesant sur les infrastructures essentielles. Trellix, spécialiste de la cybersécurité et pionner dans la détection et de la réponse étendues (XDR), publie aujourd’hui son « Threat Report: Summer 2022 », qui se penche sur les tendances en matière de cybersécurité et les méthodes d’attaque […]

The post Les services aux entreprises sont la principale cible des attaques par rançongiciel first appeared on UnderNews.

Les attaques par rançongiciel ne faiblissent pas à travers la planète et sont en augmentation sur chaque continent. Les experts recommandent de ne pas payer les hackers et cette règle commence à porter ses fruits aux États-Unis.  [Lire la suite]

Abonnez-vous aux newsletters Numerama pour recevoir l’essentiel de l’actualité https://www.numerama.com/newsletter/

Les attaques par rançongiciel ne faiblissent pas à travers la planète et sont en augmentation sur chaque continent. Les experts recommandent de ne pas payer les hackers et cette règle commence à porter ses fruits aux États-Unis.  [Lire la suite]

Abonnez-vous aux newsletters Numerama pour recevoir l’essentiel de l’actualité https://www.numerama.com/newsletter/

Le 30 avril dernier, la société Clestra Hauserman a été victime d’une attaque par ransomware. L’entreprise demande maintenant à être placée en redressement judiciaire pour se remettre de cette attaque et 700 emplois sont actuellement menacés. La décision du tribunal paraitra le 1er aout. Ce cas fait écho à l’entreprise Lise Charmel qui, en 2020, avait […]

The post Redressement Judiciaire – Clestra Hauserman victime d’une attaque par ransomware first appeared on UnderNews.

Le prix du bitcoin est en chute depuis près de 6 mois. La nouvelle n'est pas appréciée dans le secteur des crypto-monnaies, mais elle pourrait être une aubaine pour les spécialistes de la cybersécurité.  [Lire la suite]

Abonnez-vous aux newsletters Numerama pour recevoir l’essentiel de l’actualité https://www.numerama.com/newsletter/

Le prix du bitcoin est en chute depuis près de 6 mois. La nouvelle n'est pas appréciée dans le secteur des crypto-monnaies, mais elle pourrait être une aubaine pour les spécialistes de la cybersécurité.  [Lire la suite]

Abonnez-vous aux newsletters Numerama pour recevoir l’essentiel de l’actualité https://www.numerama.com/newsletter/

Europol a annoncé avoir aidé plus de 1,5 million de personnes à se débarrasser de rançongiciels depuis 6 ans. Le nombre de victimes augmente d'année en année, de même que le nombre de ces logiciels.  [Lire la suite]

Abonnez-vous aux newsletters Numerama pour recevoir l’essentiel de l’actualité https://www.numerama.com/newsletter/

Europol a annoncé avoir aidé plus de 1,5 million de personnes à se débarrasser de rançongiciels depuis 6 ans. Le nombre de victimes augmente d'année en année, de même que le nombre de ces logiciels.  [Lire la suite]

Abonnez-vous aux newsletters Numerama pour recevoir l’essentiel de l’actualité https://www.numerama.com/newsletter/

Ce nouveau ransomware, nommé Luna et repéré par les chercheurs en sécurité de chez Kaspersky, est capable de chiffrer les machines sous Windows, Linux, mais également VMware ESXi. Une nouvelle fois, et je le répète, un ransomware s'en prend aux serveurs VMware ESXi dans le but de chiffrer l'ensemble des machines virtuelles.

Repéré par les chercheurs en sécurité de chez Kaspersky dans une annonce présente sur un forum du dark web, le ransomware Luna s'adresser aux cybercriminels parlant le russe. En effet, d'après Kaspersky, l'annonce indique que Luna ne travaille qu'avec des affiliés russophones et l'anglais ne serait pas irréprochable dans les notes de la rançon.

Bien qu'il semble encore en phase de développement, les chercheurs en sécurité ont pu l'analyser. Il utilise un schéma de chiffrement peu courant qui combine un échange de clés Diffie-Hellman avec une courbe elliptique Curve25519, avec l'algorithme de chiffrement symétrique AES (Advanced Encryption Standard). Pour le moment, les options disponibles sont peu nombreuses comme le montre cette image issue de la publication de Kaspersky.

Au niveau du code en lui-même, il s'avère que le ransomware Luna est écrit en Rust, ce qui permet de faciliter la portabilité d'un système à un autre en modifiant un minimum de code. Les chercheurs précisent : "Les échantillons Linux et ESXi sont compilés à partir du même code source avec quelques modifications mineures par rapport à la version Windows. Le reste du code ne présente aucune modification significative par rapport à la version Windows.". Cela confirme une tendance dans la création de logiciels malveillants : les pirates utilisent de plus en plus les langages Rust et Golang.

Les ransomwares compatibles avec VMware ESXi sont de plus en plus nombreux, et de nouveaux noms sortent chaque fois. Après RedAlert début juillet, le ransomware Black Basta en juin dernier et le ransomware Cheerscrypt en mai dernier, sans compter d'autres, plus anciens comme HelloKitty, c'est Luna qui vient s'ajouter à cette liste.

Maintenez à jour vos serveurs VMware ESXi pour vous protéger contre les failles de sécurité et éviter la compromission pouvant mener à l'exécution d'un ransomware.

Source

The post Luna, un ransomware codé en Rust qui s’attaque à VMware ESXi, Linux et Windows first appeared on IT-Connect.

Le lundi 4 juillet, La Poste Mobile a subi une attaque informatique de type "ransomware" et c'est bien la souche malveillante LockBit 3.0 qui a touché l'entreprise française.

Sur son site officiel, La Poste Mobile a mis en ligne une page qui confirme la cyberattaque : "Les services administratifs et de gestion de La Poste Mobile ont été victimes, ce lundi 4 juillet, d’un virus malveillant de type rançongiciel.". Aujourd'hui encore, cette page s'affiche lorsque l'on tente d'accéder au site de La Poste Mobile, ou à son espace client. Il s'agit d'une mesure de protection, car La Poste Mobile a déconnecté les systèmes informatiques concernés par cette attaque : "Cette action de protection nous a conduit à fermer momentanément notre site internet et notre espace client.".

Voici la page du site www.lapostemobile.fr :

Dans un premier temps, avant même que La Poste Mobile confirme l'attaque, les cybercriminels de LockBit ont mis en ligne sur leur site qu'ils avaient compromis La Poste Mobile. Une revendication très rapide, seulement quelques jours après l'attaque. Ensuite, La Poste Mobile a publié différents messages en évoquant une maintenance pour améliorer les produits et services, car des utilisateurs commençaient à rencontrer des problèmes. Probablement le temps de réaliser les premières constatations. Le vendredi 8 juillet 2022, l'entreprise française a reconnu la présence de cette attaque informatique.

Quels sont les éléments chiffrés par le ransomware LockBit ? Une bonne question à laquelle La Poste Mobile apporte quelques éléments de réponse : "Nos premières analyses établissent que nos serveurs essentiels au fonctionnement de votre ligne mobile ont bien été protégés. En revanche, il est possible que des fichiers présents dans des ordinateurs de salariés de La Poste Mobile aient été affectés. Certains d’entre eux pourraient contenir des données à caractère personnel.". Dans les prochaines semaines, les clients de La Poste Mobile pourraient faire l'objet de campagnes de phishing : méfiance. 

Il y a peu, je vous ai parlé de la nouvelle version du ransomware LockBit, à savoir LockBit 3.0, afin d'évoquer le programme de bug bounty mis en place par les cybercriminels de LockBit. Depuis plusieurs années, LockBit est un ransomware redoutable qui fait énormément de victimes.

The post La Poste Mobile victime du ransomware LockBit 3.0 ! first appeared on IT-Connect.

L'entreprise de cybersécurité Emsisoft a mis en ligne un outil de déchiffrement gratuit pour les victimes des ransomwares AstraLocker et Yashma. Une très bonne nouvelle puisqu'il devient possible de récupérer ses données sans payer la rançon.

Disponible au téléchargement directement sur le site d'Emsisoft, il est accompagné d'un guide qui explique comment l'utiliser afin de récupérer ses données. Cela compense par supprimer la souche malveillante de la machine compromise, ou à minima de la mettre en quarantaine, afin que l'outil de déchiffrement soit en mesure de rentrer en action, comme le précise Emsisoft : "Veillez d'abord à mettre le logiciel malveillant en quarantaine, sinon il risque de verrouiller votre système ou de chiffrer des fichiers à plusieurs reprises.".

Sans aucune configuration particulière, l'outil de déchiffrement va s'intéresser aux lecteurs locaux montés sur la machine, comme le disque "C". En complément, l'utilisateur peut ajouter des emplacements supplémentaires à analyser. Le décrypteur AstraLocker prend en charge les extensions ".Astra" ou ".babyk" associés à 8 clés de chiffrement différentes. Il faut savoir qu'AstraLocker est un ransomware basé sur le code source de Babuk, un ransomware pour lequel il existe déjà un outil de déchiffrement mis en ligne par l'entreprise Avast.

Quant au ransomware Yashma, il est distribué sous l'appellation "AstraLocker 2.0" et il est basé sur le  ransomware Chaos. Lorsqu'il chiffre des données, les fichiers héritent de l'extension ".AstraLocker" ou d'une suite de 4 caractères alphanumériques aléatoires.

Finalement, ce n'est pas une surprise de voir ces outils de chiffrement car les cybercriminels derrière le ransomware AstraLocker ont pris la décision d'arrêter cette activité afin de ce concentrer sur le minage de cryptomonnaie, d'après les informations obtenus par le site Bleeping Computer. Il se pourrait également que ce soit parce qu'ils sont dans le viseur des forces de l'ordre. Quoi qu'il en soit, c'est toujours une bonne nouvelle quant un outil de déchiffrement est mis en ligne !

Voici les liens vers les outils de déchiffrement :

• Ransomware AstraLocker
• Ransomware Yashma

Source

The post Voici les outils de déchiffrement pour les ransomwares AstraLocker et Yashma first appeared on IT-Connect.

L’Agence nationale de la sécurité des systèmes d’information (ANSSI) a récemment publié son rapport d’activité 2021 faisant état de 2089 signalements et près de 1100 incidents pour 17 opérations de cyberdéfense. Ces chiffres et les actions de protection déployées prouvent que les organisations doivent rester vigilantes et comprendre quels sont leurs plus grands risques de sécurité.

The post 2022 : la cybercriminalité as-a-Service s’affûte first appeared on UnderNews.

Un nouveau ransomware surnommé RedAlert s'attaque aux serveurs VMware ESXi dans le but de chiffrer les machines virtuelles. Les hyperviseurs VMware sont de plus en plus dans le viseur des ransomwares.

Après le ransomware Black Basta en juin dernier et le ransomware Cheerscrypt en mai dernier, c'est un nouveau rançongiciel baptisé RedAlert qui est conçu pour s'attaquer aux hyperviseurs VMware. C'est par l'intermédiaire du compte Twitter de MalwareHunterTeam que l'on a appris l'existence de ce nouveau ransomware surnommé RedAlert ou N13V. Pourquoi ces deux noms ? D'une part, le nom RedAlert apparaît au sein d'une note de rançon, et d'autre part le nom "N13V" est utilisé en interne par les cybercriminels.

Comme je le disais en introduction, ce nouveau ransomware dispose d'un module de chiffrement pour les serveurs VMWare ESXi. Il est capable d'éteindre les machines virtuelles avant de procéder aux chiffrements des fichiers correspondants aux machines virtuelles, notamment les disques virtuels VMDK, les fichiers de SWAP, les fichiers de log, etc.

Le site Bleeping Computer a mis en ligne les différentes options prises en charge par ce ransomware :

-w Stopper toutes les machines virtuelles démarrées
-p Chemin des fichiers à chiffrer (par défaut seulement les fichiers dans ce dossier, sans récursivité)
-f Fichiers à chiffrer
-r Activer la récursivité, en complément de l'option "-p".
-t Vérifier le temps pour chiffrer les données et obtenir des statistiques
-n Rechercher les fichiers à chiffrer sans les chiffrer maintenant.
-x Test de performances pour le chiffrement. DEBUG TESTS
-h Afficher l'aide

Sans surprise, et comme le font les autres ransomwares, lorsque l'option "-w" est utilisée le ransomware RedAlert va s'appuyer sur une commande "esxcli" pour éteindre les différentes machines virtuelles. Pour le chiffrement en lui-même, le ransomware RedAlert s'appuie sur l'algorithme de chiffrement NTRUEncrypt, ce qui n'est pas fréquent avec les autres ransomwares.

Afin de permettre le paiement de la rançon, un site est accessible par l'intermédiaire du réseau Tor et les instructions sont indiquées dans un fichier nommé "HOW_TO_RESTORE". Dans le cas où une entreprise compromise souhaite payer la rançon, il faut savoir qu'il n'y a que les paiements avec la cryptomonnaie Monero qui sont acceptés.

Enfin, il faut savoir que RedAlert applique le principe de la double extorsion : les données sont exfiltrées avant d'être chiffrées, ce qui signifie qu'elles seront mises en ligne si l'entreprise décide de ne pas payer la rançon. A ce jour, le site data leak de RedAlert contient les données d'une seule entreprise, ce qui montre qu'il est relativement récent.

Source

The post Le nouveau ransomware RedAlert s’attaque aux serveurs VMware ESXi first appeared on IT-Connect.

Les cybercriminels derrière le ransomware LockBit ont dévoilé une nouvelle version de leur logiciel malveillant : LockBit 3.0. Cette nouvelle version intègre une nouvelle méthode d'extorsion, prend en charge les paiements Zcash et surtout elle met à l'honneur un programme Bug Bounty : une première pour un ransomware.

Le ransomware LockBit fait très souvent parler de lui, car il est à l'origine de très nombreuses attaques. Accessibles par l'intermédiaire de la formule Ransomware-as-a-Service (RaaS), il passe en version 3.0 après deux mois en phase de tests. Il est intéressant de prendre connaissance des changements opérés pour avoir en tête les nouvelles techniques employées par les cybercriminels.

Pour la première fois, un groupe de pirates informatiques propose un programme de Bug Bounty pour un ransomware. Habituellement, ce sont les entreprises privées qui mettent en place un programme de Bug Bounty (Microsoft, par exemple) pour récompenser avec de l'argent les personnes qui parviennent à découvrir une faille de sécurité dans un logiciel.

Cette fois-ci, LockBit 3.0 invite les chercheurs en sécurité et les hackers éthiques (ou non) à participer à ce programme de Bug Bounty. Une récompense est promise en fonction de la criticité du bug de sécurité découvert et de son origine. Par exemple, vous pouvez obtenir une récompense si vous découvrez un bug qui permet de déchiffrer les fichiers, ou si vous trouvez un bug dans le réseau Tor qui permet d'identifier l'adresse IP du serveur où est installé le domaine en ".onion". La récompense est comprise entre 1 000 dollars et 1 million de dollars. Pour obtenir une récompense de 1 million de dollars, il faut dévoiler l'identité du gestionnaire du programme d'affiliation LockBit (opération de doxxing).

Bien entendu, participer à ce Bug Bounty n'est pas comparable à celui d'une entreprise privée : cette action sera considérée comme étant illégale dans de nombreux pays. Par ailleurs, les cybercriminels sont en mesure de récompenser les personnes qui auraient de brillantes idées pour améliorer le ransomware LockBit.

Pour le paiement de la rançon, LockBit accepte plusieurs cryptomonnaies : Bitcoin et Monero, et désormais le Zcash qui est plus difficile à tracer. Cette nouvelle version utiliserait un nouveau modèle d'extorsion qui permettrait à des cybercriminels d'acheter les données volées lors des attaques, directement à partir du site où sont mis en ligne les leaks. Enfin, sachez que la note de la rançon n'est plus nommée "Restore-My-Files.txt" mais "<ID>.README.txt".

Source

The post LockBit 3.0 : le premier ransomware à proposer son programme de Bug Bounty first appeared on IT-Connect.

Terramaster TOS 5 NAS Software Review – Network Better? If you are an existing Terramaster NAS owner, or are someone that has been considering their NAS brand for your private server purchase, then you might have heard that they recently released their latest BIG software update. Upgrading from TOS 4 to TOS 5, this new […]

Depuis plusieurs mois, les NAS QNAP sont ciblés par des cyberattaques, et malheureusement, cela devient une habitude. Comme le mois dernier, c'est une nouvelle fois le ransomware DeadBolt qui s'en prend aux NAS de la marque QNAP. Le fabricant a mis en ligne un message d'avertissement vendredi dernier.

Cette fois encore, QNAP demande à ses utilisateurs de vérifier que leurs NAS bénéficient bien de la dernière version du système, car de nouveaux correctifs de sécurité sont intégrés régulièrement. Par ailleurs, QNAP demande à ses utilisateurs de ne pas exposer le NAS sur Internet afin de bloquer les connexions à distance, en dehors du réseau local. Personnellement, cela m'étonne, car si un NAS est à jour et qu'il est correctement configuré, il devrait être suffisamment sécurisé pour ne pas être mis à mal facilement par un ransomware. À moins qu'une vulnérabilité zero-day soit utilisée, ce qui ne semble pas être le cas même si des investigations sont en cours.

Au sein de son bulletin d'alerte, QNAP précise : "QNAP a récemment détecté une nouvelle campagne de ransomware DeadBolt. Selon les rapports des victimes, la campagne semble cibler les périphériques NAS de QNAP fonctionnant avec QTS 4.x.". Lorsqu'un NAS est compromis, les fichiers chiffrés ont l'extension .deadbolt. Si vous n'avez pas de sauvegarde de vos données, la seule solution ce sera de payer la rançon à moins de faire une croix sur vos données. Le support QNAP est disponible pour aider les personnes qui ont besoin d'aide.

Le montant de la rançon associée au ransomware DeadBolt est de 0,03 bitcoin, ce qui correspond à environ 580 euros compte tenu de la valeur actuelle du bitcoin.

Au-delà du ransomware DeadBolt, à l'origine de plusieurs campagnes, les NAS QNAP sont ciblés aussi par les ransomwares Qlocker et eCh0raix. Il y a quelque temps, le ransomware DeadBolt s'en est pris aussi aux NAS ASUSTOR.

Source

The post Le ransomware DeadBolt : nouvelles attaques en cours, QNAP mène des investigations first appeared on IT-Connect.

Terramaster TOS 5 Software Update RELEASED!

According to Terramaster the new TOS 5 release has been in development for one and half years, includes more than 50 new features, 600 enhancements, comprises 300,000 lines of new code and now, the long-awaited TOS 5.0 is officially released today! Although there are a huge number of improvements under the bonnet, there is also a whole bunch of improvements on the surface too, ranging from improvements in the GUI and responsiveness to new fully featured applications. Here is what you need to know.

TOS 5 Now has a Secure HyperLock-WORM file system Option

Data is a precious asset of the vast majority of users, and data security is very important! Some data storage and custody are even regulated by law, such as court cases, medical cases, financial securities, company financial data, etc. These important data can only be read but not written within a specified time period according to the law. Therefore, such data needs to be protected against tampering. The WORM (Write Once Read Many) features provide a write-once-read-many technology, which is a commonly used method for data security access and archiving in the storage industry. The WORM feature means that after the file is written, it can enter the read-only state by removing the write permission of the file. In this state, the file can only be read and cannot be deleted, modified, or renamed. By configuring the WORM feature to protect the stored data, it can be prevented from accidental manipulation.

TerraMaster HyperLock-WORM file system is a storage system with WORM characteristics. Through the write-once-read-many technology, the integrity, confidentiality, and accessibility of the original data in the storage medium are guaranteed to satisfy the sensitive requirements of enterprises. Data security storage and legal supervision needs. The characteristic of the TerraMaster HyperLock-WORM file system is that its WORM feature is developed based on the file system and is not limited by the file service type. It is suitable for most common file services, but can only be set by the administrator. Administrators can flexibly assign read and write permissions to users and set a protection period. During the protection period, the data uploaded to the device can only be read and cannot be deleted, modified, or renamed. The protection period can be set up to 70 years! In order to improve security, once the protection period is set, it can only be extended but not shortened.

Compared with other storage solutions with WORM features, the TerraMaster HyperLock-WORM file system has higher security. Once the TerraMaster HyperLock-WORM file system is created, even the administrator cannot delete or modify the storage partition from the menu page or the system background. As long as the storage device is safely placed in an isolated environment, anyone without access to the NAS hardware devices, even employees with administrator privileges or hackers, cannot pose a threat to the data. TerraMaster HyperLock-WORM file system is an innovation in data security management, which can provide more secure protection for customers’ important digital assets, and is suitable for industries with important data such as government, public health, law, finance, and enterprises.

New Storage Utilities in TOS 5

The core function of a TNAS is data storage and backup. TOS 5 has fully optimized storage management and added more utilities to facilitate users to monitor the health status of storage space and increase storage space utilization.

• Hard disk Benchmark
  Through the hard disk benchmark test, you can better understand your hard disk’s read/write, latency, and throughput performance. The hard disk benchmark can also reflect the health of the hard disks
• Hard Disk Secure Erase
  Secure Erase can completely erase the data on the disk by randomly writing 0 or 1 to the disk. Securely erased hard drive data can no longer be recovered, suitable for users who store sensitive data.
• SMART Long Test
  SMART is an important indicator of hard drive reliability. SMART Quick Test and SMART Long Test options have been added to TOS 5. You can get more accurate hard drive health indicators with the SMART long test, but the advanced long will take more time.
• Hard Disk Bad Block Warning
  Enable monitoring of the bad blocks of the hard disk. Once the number of bad blocks increases, a notification and warning will be sent to the administrator.
• SSD TRIM
  By periodically TRIMing the SSD, the storage sectors are pre-initialized to maintain the excellent read and write performance of the SSD.
• Hard disk Operation Log
  Record all operations of the system or the user to the hard disk.
• Array Synchronization Settings
  Device performance is affected during array synchronization. The new system allows users to customize the synchronization speed of the array according to their needs.
• Data Scrubbing
  Data scrubbing is the process of modifying or removing incomplete, incorrect, inaccurately formatted, or duplicated data in a database. Data scrubbing improves data consistency, accuracy,and reliability.
• File System Defragmentation
  File system defragmentation can reorder, optimize and organize scattered data fragments, thereby improving the efficiency of disk data reading and writing.
• File System Compression
  Once file system compression is enabled, data stored to TNAS will be automatically compressed to save storage space. Users can customize the compression level. The higher the compression level, the higher the compression rate and the more space saved, but the slower the writing speed.
• SSD Cache Array
  Failure of an SSD serving as a cache will risk data loss. Users of TOS 5 can set up an array for multiple SSD caches, such as RAID 1 for 2 SSDs, even if one SSD fails, it will not affect the normal operation of the cache, thereby reducing the risk of data loss.

• 

New Photo Management Tool with AI-Powered Cataloging and Identification – (Still in Beta at time of writing)

Terra Photos is a smart photo management application. Through the AI ​​algorithm, Terra Photos can recognize and classify the faces, pets, things, and scenes of the photos in the specified directory, which is convenient for you to sort, classify and share the photos through the graphical interface. Terra Photos is the ideal photo management tool for home users, photographers, and creative agencies.

• AI face recognition
  Terra Photos has a built-in AI algorithm that can automatically recognize and classify faces with an accuracy rate of up to 80%. For wrongly recognized faces, Terra Photos also provides manual correction methods to provide greater convenience for photo management.
• Broader AI applications
  Not only face recognition, Terra Photos can also automatically identify dozens of categories such as pets, objects, landscapes, sports, vehicles, and flowers by enhancing AI operations. Terra Photos provides users with smarter management tools, greatly increasing the usefulness of photo management.
• Geographical Classification
  By integrating the GPS location information of photos through map resources, Terra Photos can also automatically categorize your photos by geographic location, making it easier for you to quickly query your photos.
• Take into account personal privacy and sharing
  Terra Photos adopts a separate storage strategy for personal photos and shared photos of family members. The two kinds of photos are stored in directories with different access rights, which helps to protect personal privacy and facilitates the sharing of photos between family members or business customers. share with each other.
• Flat UI
  Terra Photos uses a flat user interface to flatly display the user’s commonly used categories in the first-level directory, such as photos, albums, videos, people, pets, objects, locations, recently added, and favorites, which is more conducive to users to quickly browse and find target photo.
• More flexible management strategies
  Terra Photos’ flexible query filtering strategy can begin to help you filter out the photos you want by combining the name and time of the photo, with the combination of the year, month, day, and ascending and descending order.
• Share happiness and creativity
  Terra Photos provides users with sharing tools, you can choose to create photos or share albums and flexibly formulate sharing strategies, sub-defining sharing titles, sharing links, effective time, access passwords, download permissions, etc. Terra Photos provides an easier way for home-sharing or business client sharing.

Surveillance Manager for Adding and Monitoring Multiple IP Cameras on a Live feed on Your  Terramaster NAS

Surveillance Manager is a video surveillance management tool. Through Surveillance Manager, you can build a video surveillance system with multiple IP cameras and TNAS, connect your cameras through ONVIF protocol, manage cameras, view real-time recordings, view historical recordings, and store the recordings of network cameras directly in TNAS to specify storage location.

• Simple to Use
  Surveillance Manager uses web browsers for configuration and management. The recording device does not need to be connected to a monitor, and any computer in the network can log in to the system to view the recording.
• Good Compatibility
  The surveillance Manager adopts the general ONVIF protocol and can adapt to most general-purpose cameras. It supports the automatic camera search, which simplifies the connection configuration of the cameras
• Suitable for Medium-sized Users
  The surveillance Manager can connect dozens of cameras at the same time and support multi-channel recording. Suitable for families and small and medium-sized business users.
• Multi-channel Real-time Monitoring
  The surveillance Manager supports multi-channel real-time monitoring. The screen display layout of monitoring can be customized, and the screens can be switched with one click.
• Timeline Rollback
  Roll back the recorded video by dragging the timeline or customizing the time period, making it easier to view historical events.
• Recording Schedule
  The surveillance Manager supports custom recording schedules and activity-triggered recordings to increase storage space utilization.
• Form Recording Storage
  The recorded video is classified and stored according to the camera and time, which is convenient for quick query and download

• 

New iSCSI Manager Application to Manager Larger Storage on your Terramaster NAS

Terramaser NAS is widely used as a storage device for virtualized computing. With TerraMaster iSCSI Manager, you can create multiple iSCSI targets and LUNs on your TNAS, and customize the capacity, permissions, and connections through a graphical interface to meet your storage space requirements in different virtualization environments.

• Custom ISCSI Target IQN
  Using iSCSI Manager, create multiple iSCSI targets on your TNAS and customize IQNs to help you easily identify. You can also choose to enable authentication or mutual authentication for the iSCSI Target to increase access security.
• Customize network management policies
  To improve network utilization efficiency, you can designate a dedicated network interface and channel for the iSCSI Target to separate the iSCSI Target’s network from the networks of other services. To optimize the transfer efficiency of the iSCSI Target, you can also limit the maximum fragment size in bytes transmitted and received.
• Multiple session connections
  In order to adapt to complex virtualization application scenarios, iSCSI Manager allows users to enable multiple session connections from one or more initiators for iSCSI Target. Note: Multiple session connections provide flexible connection methods for initiators, but improper settings may put your data at risk! Make sure you use multiple session connections in a cluster-aware file system.
• Balance performance and flexibility
  You can create multiple LUNs and mount them to the iSCSI Target you specify. iSCSI Manager provides Thick provisioning and Thin provisioning configuration strategies for LUN storage space. Thick provisioning can provide better storage performance, in contrast, thin provisioning can provide more flexible storage space utilization.
• Safer protection
  Combined with the Snapshot technology, you can take snapshots of LUNs to prevent data loss caused by misoperations or accidents. Note: Snapshots are not supported for LUNs under the Thick provisioning configuration.
• Initiator access control
  By default, all connected initiators in iSCSI Manager have read and write permissions to LUNs. You can also customize access permissions for each initiator to meet the needs of various occasions.
• Low-capacity write protection
  When the storage space of the LUN is about to be exhausted, if the initiator continues to write data to the LUN, the LUN may be destroyed. For this reason, iSCSI Manager has specially designed the low-capacity write protection function. When the LUN is in low capacity, it will prevent the initiator from continuing to write data for protection.

New CloudSync Tool for connecting your 3rd Party Cloud Services and Remote Servers in TOS 5

CloudSync is a cloud drive synchronization application for fast and secure data synchronization between your TNAS and cloud drives. It is a very practical and efficient one-stop cloud drive disaster recovery solution. Different from previous versions, in TOS 5, we have integrated the synchronization of various cloud drives into one application, which is more convenient for users to use. At the same time, we have also redesigned the application layout, added some features, and optimized the user experience.

• Support multiple cloud drives
  CloudSync integrates a variety of mainstream cloud drive synchronization functions in one application, including Google Drive, OneDrive, Amazon S3, Dropbox, Baidu, Alibaba Cloud, etc. It only needs to manage one application to meet different cloud drive synchronization management.
• Multiple synchronization strategies
  CloudSync provides users with two-way and one-way synchronization strategies. Two-way synchronization can meet the flexible needs of data utilization, and one-way synchronization can meet the focus of data protection and increase data security.
• Data leakage prevention strategy
  In order to improve the protection of sensitive data, CloudSync supports data encryption. You can encrypt the data before synchronizing it to the cloud drive, and then decrypt the data after synchronizing it back to TNAS to prevent data leakage on the cloud drive.
• Scheduled Tasks
  According to usage scenarios and business requirements, users can set the execution time of synchronization tasks by themselves to avoid the busy time of business operation.
• more flexible configuration
  In order to meet more customer needs, CloudSync also supports various flexible configurations such as synchronization bandwidth limit, file size limit, synchronization file type limit, synchronization frequency, etc.
• In full control
  CloudSync not only provides users with a detailed synchronization task configuration history, but also provides a list of millions of file backups and transfers, allowing you to monitor the backup progress and various exceptions throughout the process.

Terramaster Duple Backup Deduplication Management Tool in TOS 5

Duple Backup has not been released an official version before TOS 5 and has been developing and testing it. In TOS 5, we have redesigned Duple Backup. The new Duple Backup has optimized the user interface, added some features, and improved the user experience. Duple Backup has powerful backup and restore functions, and is a disaster recovery tool designed to strengthen the data security of TNAS devices. To prevent data loss due to TNAS device hardware failure or system failure, through Duple Backup’s intuitive user menu, you can back up important folders or iSCSI LUNs in TNAS to multiple destinations (such as remote TNAS devices, file servers, or cloud disks) ), and supports multiple backup strategies of incremental backup and multi-version backup. The backup and restore process is very simple and intuitive, and can quickly restore lost data in the event of a device failure.

• Various backup objects
  The backup object of Duple Backup can be the shared folder in TNAS or the specified file directory. Not only that, it can also back up the iSCSI LUN and the configuration of the iSCSI LUN in the TNAS device to meet the needs of backing up the data in the TNAS.
• Multiple destinations
  According to business needs, you can choose up to 4 different backup destinations for the data in TNAS, such as: another TNAS device, file server, WebDAV server, various mainstream cloud disks. With the Duple Backup Vault client, using two TNAS devices for mutual backup can greatly simplify the backup configuration process.
• Multiple backup strategies
  According to business requirements and storage resource configuration, you can select incremental backup or multi-version backup strategies for backup tasks to improve storage space utilization.
• Secure data transfer
  Taking data security into full consideration, Duple Backup uses SSL certificate encryption throughout the backup task to ensure the security of data transmission.
• Efficient transmission
  In order to improve backup efficiency, before performing backup tasks, data is compressed and then transmitted, and the maximum compression rate can be as high as 30%, which not only reduces the user’s network bandwidth usage, but also saves storage space and reduces customers’ IT investment costs
• Restoration is easy
  Through an intuitive graphical interface, Duple Backup provides suitable restoration methods for different destinations. When an accident occurs, users can use Duple Backup’s restoration tool to restore data in a very short period of time to reduce losses caused by disasters.
• 3-2-1 Backup Strategy
  In order to prevent data loss in the event of an accident, the 3-2-1 backup strategy is widely adopted by many users, that is, to keep at least 3 backups of data, 2 of which are stored on different devices, and at least 1 is stored in a different place. Duple Backup, as a backup tool specially designed for TNAS, is ideal for a 3-2-1 backup strategy.
• In full control
  Duple Backup not only provides users with a detailed backup and restore task configuration history, but also provides a list of millions of file backups and transfers, allowing you to monitor the backup progress and various exceptions throughout the process.
• Suitable for a variety of applications
  Duple Backup is not only suitable for home users, but also for business users with multiple offices or branch offices. With local backup and off-site backup of branch offices, it can provide reliable security for data.

• 

Improved Snapshot Management and Services Added in TOS 5

TerraMaster Snapshot is a disaster recovery tool developed based on the BTRFS file system. Take snapshots of shared folders or iSCSI LUNs and quickly restore data after a disaster by taking advantage of file system features. In TOS 5, Snapshot has been redesigned to add more features and improve the user experience.

• Filesystem level snapshots
  TerraMaster Snapshot is a snapshot tool based on the BTRFS file system. The Btrfs file system introduces advanced storage technology and snapshot technology to provide flexible and efficient data protection and recovery tools while improving high data integrity.
• Save your time and space
  The TerraMaster Snapshot snapshot function is based on COW (copy-on-write), so snapshots can be created almost instantaneously, and they take up almost no space when they are first created, greatly increasing the utilization of space and time. It can be said to be a perfect snapshot solution.
• Virtualization disaster recovery
  TerraMaster Snapshot can provide a good disaster recovery solution for virtualized storage space by taking snapshots of shared folders or iSCSI LUNs, whether it is virtualized storage through NFS or iSCSI.
• Higher snapshot performance
  TerraMaster Snapshot can create up to 1,024 snapshots for each shared folder and up to 65,536 snapshots for the entire system, providing you with adjustable, storage-saving data protection capabilities to meet stringent snapshot performance requirements.
• Efficient snapshot rollback
  The snapshot file resides in the same storage space as the subvolume, and you can browse it like a normal directory and restore a copy of the file as it was when the snapshot was taken. TerraMaster Snapshot arranges snapshots through a timeline, combined with an intuitive graphical interface, when you need to restore a snapshot file, you only need a few mouse clicks to roll back the snapshot to the version you need.
• Remote incremental backup
  Generating snapshots on the same storage space as the snapshot subvolume is not an ideal backup strategy, and if the hard disk fails, the snapshot will be lost. TerraMaster Snapshot can send snapshot copies as incremental backups to an external hard drive or to a remote storage system via SSH (the backup destination also needs to use the BTRFS file system) for increased data security

Complete Remote System Access Tool in TOS 5 – Security Isolation Mode

For users who pay great attention to data security but do not need to use external network resources, TerraMaster has added a new security tool in TOS 5 — Security Isolation Mode. At present, hackers and ransomware are raging around the world, and a large number of customers’ precious digital assets are under unprecedented threat. TOS 5’s unique Security Isolation Mode can provide users with a safe and reliable operating environment, isolate external risks, and protect digital assets from infringement.

• Kernel security level
  Through the digital signature based on the kernel level, once the security isolation mode is enabled, any programs that have not been signed by the system will be blocked from running, effectively preventing viruses or malicious code from running.
• Self-isolation
  The Security Isolation Mode can effectively prevent illegal in-stack and out-stack access to the external network through the self-established isolation barrier, only allow legal access in the local network, and protect the system from external malicious attacks.
• Secondary advanced protection
  In order to prevent security barriers and system protection measures from being attacked and tampered with, the Security Isolation Mode adopts secondary password verification protection. Deleting or modifying all configuration information related to security protection measures requires password verification again, effectively preventing hackers from damaging the barrier.
• Strong blocking
  Any code based on Java, php, or Python will be blocked from execution, effectively preventing the system from being injected with malicious code to threaten data security.
• Scenes to be used
  . Enterprises or organizations that are extremely sensitive to data security;
  . External network services that need to be closed and isolated, do not need to access the external network or provide remote access;
  . Only use TNAS to provide file storage, no need to run web pages, databases, mail services, virtual machines, and other applications;
  . Applicable industries: military, judicial, electric power, scientific research, medicine, and other industries

New Terramaster Flexible RAID System – TRAID

TRAID is the abbreviation of TerraMaster RAID. TRAID is a flexible disk array management tool developed by TerraMaster. It has features such as the automatic combination of disk space, hard disk failure redundancy protection, and automatic capacity expansion. All these features do not require manual configuration by the user, and the system will automatically complete the configuration according to the properties of the hard disk. TRAID provides users with an optimized, flexible and elastic disk array management solution, especially suitable for new users who are not proficient in how to configure a disk array. Once you have selected TRAID as your array type, you cannot convert TRAID to a traditional array type unless you delete and recreate the array. If you want to manage the array type manually, it is recommended that you use the traditional type when building your array, such as Single, RAID 0, RAID 1, RAID 5, RAID 6, RAID 10, etc. Below is our description of how TRAID works and a demonstration of me mixing a bunch of drives in a single RAID, one by one.

Improved Backup Management Tool in TOS 5 – Centralized Backup

Centralized Backup has not released an official version before TOS 5, and has been developing and testing it. In TOS 5, we have redesigned the Centralized Backup. The new Centralized Backup has re-optimized the user interface, added some functions, and improved the user experience. Centralized Backup is a professional disaster recovery tool specially developed for business users. By using Centralized Backup, company IT managers can use TNAS as the central backup server, without having to configure each host separately, and use TNAS as the initiator to centrally back up the storage space of internal employee computers, workstations, servers, virtual machines, or even is the system partition.

• Developed for business users
  For business users, data security is extremely important, and for IT administrators, it is a huge challenge to make timely backups of various servers and be able to manage the personal computer data of multiple employees. Centralized Backup combines the needs of business users to provide a centralized active-backup solution.
• Multi-purpose machine
  By running Centralized Backup on a TNAS device, only one TNAS device can be used to meet the backup requirements of the enterprise for employees’ computers, servers, file servers, virtual machines, and workstations, greatly reducing the enterprise’s IT investment costs.
• Employee computer backup
  Different from general backup tools, Centralized Backup does not require employees to participate in the backup process. IT administrators can initiate backup requests from the server through Centralized Backup’s PC backup module, and can actively back up folders on hundreds of employees’ computers. , disk partition, or system partition. Centralized Backup can greatly protect digital assets scattered on employees’ computers, and can greatly reduce the workload of IT administrators.
• Server backup
  The server is the central nervous system of an enterprise’s digital information. The server not only runs a variety of application environments such as OA, CRM, and ERP that support business operations, but also stores important business data. Through the server backup function of Centralized Backup, IT administrators can simultaneously backup systems and data of multiple servers to TNAS. When an accident occurs, the abnormal host can be quickly restored, greatly reducing the impact of equipment failure on the business.
• File server backup
  The file server is the storage center of enterprise digital assets. Disasters such as unexpected power outages, equipment failures, and system failures may lead to the loss of precious digital assets. Through the file server backup function of Centralized Backup, IT administrators can back up the file directories of multiple file servers to TNAS, reducing the risk of data loss in the event of a disaster.
• Virtual machine storage backup
  Centralized Backup supports storage backup of VMware Vshpere and Windows Hyper-V virtual machines. Through the virtual machine backup function of Centralized Backup, the backup of multiple virtual machine clients can be initiated from TNAS.
• Multi-version restore
  Centralized Backup provides the backup target multi-version management function. When a disaster occurs, IT administrators can roll back the time of the repository to find the correct backup version to restore to the specified destination host.
• In full control
  Centralized Backup not only provides users with detailed backup and restore task configuration history, but also provides millions of logs, allowing you to monitor the backup progress and various exceptions throughout the process. By enabling the notification function, administrators can keep track of the progress status of backup and restoration in a timely manner.

TFM Backup for Internal Backup and Folder Synchronization

TFM Backup is the abbreviation of TerraMaster Folder Mirror backup. TFM Backup is a dedicated backup tool for TNAS shared folders developed by TerraMaster. Through TFM Backup, you can easily backup the shared folders in TNAS to other local folders. Storage location or a remotely mounted folder. TFM Backup has mirror backup and differential backup to choose from, and users can realize automatic scheduled backup by configuring backup schedule tasks. TFM Backup provides users with a simple and flexible backup solution for backing up data in TNAS.

• Improve disk space utilization
  Traditional RAID 1 disk arrays use redundancy to mirror the data of one disk to another disk, which can effectively avoid the risk of data loss due to disk failure. But a RAID 1 disk array requires at least 2 disks, that is, in a RAID 1 disk array, at most 50% of the effective disk storage space is available. For some users, not all data is important data, and it may not be necessary to mirror the entire disk data. Before TerraMaster launched TFM Backup, RAID 1 array seemed to be the only choice when users made mirror backups of data on disks. Now, users can choose to use TFM Backup to selectively do mirror backup, which can increase the utilization of disk space while ensuring data security.
• Flexible backup strategy
  TFM Backup has two backup strategies: mirror backup and differential backup. In the mirror backup mode, the backup source data is always consistent with the destination data, which can reduce the work of data management; in the differential backup mode, the newly added or modified data is backed up, even if the source data is deleted, the destination The data always retains the last backup version, which can effectively avoid the loss caused by misoperation.
• Custom backup plan
  TFM Backup provides a customizable backup plan, and you can customize the backup time, period, and frequency. You can perform backups during less busy periods according to business needs to avoid disruption to normal business.
• Multiple backup tasks
  TFM Backup supports multiple backup tasks. You can use TFM Backup to create multiple backup tasks for multiple folders with different backup policies and destinations, and configure different task schedules for each task to meet the backup needs of different file types in various application scenarios.
• Flexible backup destination
  The backup destination of TFM Backup can be in a different storage pool, a different volume, or a different device (using a remotely mounted folder). To avoid data loss caused by disk hardware failure, it is recommended to set the backup destination to a volume in a different storage pool.

Improved System Storage Searches with Terra Search

For some medium or large institutions, finding the required information from the vast amount of stored literature can be a big challenge. Terra Search’s file content search capabilities can help you overcome this challenge. Terra Search can quickly find all kinds of mainstream documents containing search keywords by establishing a database and search engine, which greatly improves the work efficiency of employees.

• Customized for industry applications
  Terra Search is specially developed and customized for business users, and has the characteristics of flexibility, speed, practicability and wide application. Terra Search is suitable for institutions and enterprises that need to manage a large number of documents, such as libraries, judiciary, hospitals, scientific research, military, government, etc.
• Powerful search engine
  Terra Search has a built-in powerful search engine, combined with a large database, it can easily handle millions of document management and content search, and can search hundreds of target files per second (related to the hardware performance of the TNAS device).
• Applicable to a variety of documents
  It is widely compatible with documents in various mainstream formats, such as office documents, text files, pdf, photos, music, e-books, web files, program codes, etc., to meet more than 90% of business users’ common file search needs.
• Image text content recognition
  Terra Search has a built-in automatic recognition function of image text content, which can quickly identify text in multiple languages ​​in images. The supported image formats include jpg, gif, jpeg, png, tiff, tif, etc.
• Custom search criteria
  In order to increase search efficiency, Terra Search also provides user-defined search conditions. Users can add search conditions such as file name, extension, title, owner, creation time, etc. according to their needs.
• Custom search directory
  By setting specific search directories and file types, users can limit the scope of the search, and improve search flexibility and search efficiency.
• Search result preview
  Terra Search provides a preview function of search results. Even for pictures, you can view the search results of pictures and texts through the preview window, and quickly screen accurate search results.
• Category display
  Through the flattened category display of the search page, users can screen documents, pictures, applications, and videos from the search results, making the search results clear at a glance.

Improved VPN Service Support with VPN Server in TOS 5

VPN Server provides you with an easy-to-use VPN solution, which can set up a TNAS device as a VPN server to allow other devices to remotely connect to TNAS through a private channel to ensure data communication security. Multiple devices connected to the VPN Server can form an interconnected network through private channels.

• Supports multiple VPN protocols – TerraMaster VPN Server supports PPTP, OpneVPN and L2TP/IPSec protocols, which can adapt to different network environments and meet your different business needs.
• Multiple authentication methods – VPN Server supports PAM and LDAP authentication, can connect with local users and domain users, and supports PAP, MS-CHAP, MD5, SHA, RSA and other authentication methods to ensure the privacy of private channel connections.
• Real-time network I/O monitoring – VPN Server uses graphs to monitor the network I/O of each VPN connection in real-time, allowing you to know the status of online devices and the I/O load of the network in time.
• Simple operation interface – VPN Server uses a flat menu, each VPN connection is managed separately, and the advanced setting items use the default options to avoid troubles for users due to complicated configuration options. It is simple, intuitive, and very suitable for home users and small and medium-sized buisness users.
• Log tracking – VPN Server provides a complete operation log and execution log, which is convenient for you to understand the operation history and the connection status of the VPN service, which can help you to quickly troubleshoot the fault.

How to Upgrade to Terramaster TOS 5 from TOS 4 – What You Need To Know?

Upgrading to TOS 5 is not as straightforward as other firmware updates and there is an element of complexity that, if done wrong, might result in re-initialising your system and formatting your storage/data, so follow the steps below VERY carefully! Please follow the guide below to install the new TOS 5.0 system

Must read before installation!

1.Since the root file system, storage path, application installation location, and startup method of TOS 5.0 are different from those of the previous version, you cannot directly update to TOS 5.0 from the current version, but need to reinstall the system.

Reinstalling the system will theoretically not delete the data on your hard drive, but for safety consideration, please back up your data in advance.

1. The new TOS 5.0 system is only applicable to the x.86 series of TNAS models (220 series, 221 series, 420 series, 421 series, 422 series, 423 series);

2. Your current TOS version need to be 4.2.32 or above;

3. TNAS PC needs to be 5.0.19 or above, otherwise, it may not work properly;

4. TNAS Mobile needs to be 5.0.1 or above, otherwise, it may not work properly. Note: Currently, TNAS Mobile is only available for iOS, and the Android version will be released soon, please pay attention to our update news.

How to install TOS 5.0?  

1. Download the TOS 5.0 installation package;

2. Log in to your TOS, go to Control Panel > General Settings > Factory Default, tick “Reset to Factory default” and click “Apply” to clear your system;

3. Your TNAS will automatically restart and enter the initialization guide page; if you cannot enter the initialization page, please use the TNAS PC to search for your TNAS again, and enter the IP address of your TNAS in the browser address bar;

4. Select the “Custom” mode during the initialization process, upload the TOS 5.0 installation package, and wait for the installation to complete;

5. After the system installation is completed, the system will automatically restart; Then, follow the instructions on the page to complete the administrator settings;

6. After the system is installed, you need to clear the browser cache, otherwise some system pages may not be displayed correctly.

Installation packages download link:

1. TOS 5.0：https://download2.terra-master.com/TOS_X642.0_5.0.120_00154_2206121730.ins

2. TNAS PC for Windows OS：https://download2.terra-master.com/TerraMaster_TNASPC_for_win_V5.0.22.zip

3. TNAS PC for macOS：https://download2.terra-master.com/TerraMaster_TNASPC_for_mac_V5.0.22.dmg

4. TNAS Mobile for iOS：It will be published later.

 

This description contains links to Amazon. These links will take you to some of the products mentioned in today's content. As an Amazon Associate, I earn from qualifying purchases. Visit the NASCompares Deal Finder to find the best place to buy this device in your region, based on Service, Support and Reputation - Just Search for your NAS Drive in the Box Below

Need Advice on Data Storage from an Expert?

We want to keep the free advice on NASCompares FREE for as long as we can. Since this service started back in Jan '18, We have helped hundreds of users every month solve their storage woes, but we can only continue to do this with your support. So please do choose to buy at Amazon US and Amazon UK on the articles when buying to provide advert revenue support or to donate/support the site below. Finally, for free advice about your setup, just leave a message in the comments below here at NASCompares.com and we will get back to you. Need Help? Where possible (and where appropriate) please provide as much information about your requirements, as then I can arrange the best answer and solution to your needs. Do not worry about your e-mail address being required, it will NOT be used in a mailing list and will NOT be used in any way other than to respond to your enquiry. [contact-form-7] Terms and Conditions Alternatively, why not ask me on the ASK NASCompares forum, by clicking the button below. This is a community hub that serves as a place that I can answer your question, chew the fat, share new release information and even get corrections posted. I will always get around to answering ALL queries, but as a one-man operation, I cannot promise speed! So by sharing your query in the ASK NASCompares section below, you can get a better range of solutions and suggestions, alongside my own.