Cybersecurity Chaos: CISA’s Exploit Alert and FBI’s IoT Warning!

DrayTek routers are under siege by ransomware, with over 20,000 devices compromised. The attacks involve a zero-day vulnerability, a trio of notorious threat actors, and a complex scheme of credential theft and ransomware deployment. Monstrous Mantis holds the secret sauce, sharing profits but not the recipe.

3P
Published: December 17, 2024 7:15 amAdded: December 16, 2024 at 11:21 pmAssembled by: The Editor
Pro Dashboard

Hot Take:

Ah, the joys of technology! Just when you thought you were safe, a couple of security flaws come knocking at your digital door, with hackers ready to party. Between Adobe ColdFusion and Windows Kernel-Mode Driver, it’s like the cybersecurity version of ‘Who’s Afraid of the Big Bad Wolf?’ Spoiler: You should be, if you haven’t patched up yet. Meanwhile, hackers are eyeing your webcams and DVRs like they’re the last cookies in the jar, and DrayTek routers are caught in a love triangle with ransomware. Time to batten down the hatches, folks!

Key Points:

  • Two security flaws, CVE-2024-20767 and CVE-2024-35250, have been added to CISA’s Known Exploited Vulnerabilities catalog.
  • Federal agencies urged to patch the vulnerabilities by January 6, 2025.
  • FBI warns of HiatusRAT targeting IoT devices using known vulnerabilities and weak passwords.
  • DrayTek routers exploited in a ransomware campaign involving multiple threat actors.
  • Ransomware attacks exploited a zero-day vulnerability in DrayTek devices.

Membership Required

 You must be a member to access this content.

View Membership Levels
Already a member? Log in here
The Nimble Nerd
powered by the NSA, er,  GDPR Cookie Compliance
Confessional Booth of Our Digital Sins

Okay, deep breath, let's get this over with. In the grand act of digital self-sabotage, we've littered this site with cookies. Yep, we did that. Why? So your highness can have a 'premium' experience or whatever. These traitorous cookies hide in your browser, eagerly waiting to welcome you back like a guilty dog that's just chewed your favorite shoe. And, if that's not enough, they also tattle on which parts of our sad little corner of the web you obsess over. Feels dirty, doesn't it?