October 3, 2024 at 06:02PM Thousands of DrayTek routers are at risk due to 14 newly discovered firmware vulnerabilities, enabling remote code execution, denial-of-service attacks, and injection of malicious code. Forescout’s Vedere Labs found over 704,000 exposed routers, urging proactive security measures in addition to patching. Threat actors, including nation-state actors, are actively targeting vulnerable … Read more
October 2, 2024 at 10:15AM A series of critical vulnerabilities in DrayTek routers, including buffer overflow and cross-site scripting flaws, have been discovered, posing a significant security risk. Over 700,000 exposed devices globally are affected, requiring immediate patching. The incident highlights the importance of secure network practices, especially for critical infrastructure organizations. Joint cybersecurity guidance … Read more
September 5, 2024 at 07:12AM Multiple threat groups have exploited two old vulnerabilities in DrayTek VigorConnect management software to target organizations worldwide. The flaws allow attackers to download arbitrary files with root privileges. Exploitation attempts spiked in August, prompting CISA to add the vulnerabilities to its KEV catalog. The attacks seem broad and not targeting … Read more