Security News > 2024 > January > New Findings Challenge Attribution in Denmark's Energy Sector Cyberattacks

New Findings Challenge Attribution in Denmark's Energy Sector Cyberattacks
2024-01-14 09:07

The cyber attacks targeting the energy sector in Denmark last year may not have had the involvement of the Russia-linked Sandworm hacking group, new findings from Forescout show. The intrusions, which targeted around 22 Danish energy organizations in May 2023, occurred in two distinct waves, one which exploited a security flaw in Zyxel firewall (CVE-2023-28771) and a


News URL

https://thehackernews.com/2024/01/new-findings-challenge-attribution-in.html

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2023-04-25 CVE-2023-28771 OS Command Injection vulnerability in Zyxel products
Improper error message handling in Zyxel ZyWALL/USG series firmware versions 4.60 through 4.73, VPN series firmware versions 4.60 through 5.35, USG FLEX series firmware versions 4.60 through 5.35, and ATP series firmware versions 4.60 through 5.35, which could allow an unauthenticated attacker to execute some OS commands remotely by sending crafted packets to an affected device.
network
low complexity
zyxel CWE-78
critical
9.8