
Risky Bulletin
Risky Bulletin: Secret ransomware campaign targeted DrayTek routers for a year
Dec 16, 2024
A covert ransomware campaign targeting DrayTek routers has gone undetected for a year, raising alarming cybersecurity concerns. Recent layoffs at Yahoo and Amazon's security worries about Microsoft Office 365 highlight industry turbulence. The podcast also covers rising threats against media organizations and a surge in password spraying attacks. Furthermore, there's a notable decline in online scams in the Philippines and an exploration of regulatory actions affecting crypto exchanges and secure messaging services.
07:42
Podcast summary created with Snipd AI
Quick takeaways
- A secret ransomware campaign exploiting a zero-day vulnerability in DrayTek routers demonstrates the significant risks posed by advanced persistent threats.
- Recent layoffs in Yahoo's security team and the dismantling of the Rydox cybercrime marketplace reflect the evolving challenges in the cybersecurity landscape.
Deep dives
Ransomware Targeting DrayTek Routers
A secret ransomware campaign has exploited a suspected zero-day vulnerability in DrayTek routers for over a year. The vulnerability was used by a group called Monstrous Mantis, which extracted router passwords and shared them with affiliates, including members connected to the notorious REvil group. Notably, the Greater Manchester Police Department in the UK confirmed that they were among the victims of this cyberattack. This highlights the ongoing risk of advanced persistent threats (APTs) targeting essential infrastructure through unpatched vulnerabilities.