November 2023 saw an unprecedented cyber attack on Denmark’s energy infrastructure. In a co-ordinated breach of 22 companies, criminal gangs gained access to industrial control systems.
Investigators believe at least one of the attackers was acting on behalf of a state. Michael Murphy, who heads Fortinet’s APAC Operational Technology group from the company’s Sydney office, says critical infrastructure was compromised: “Energy generation sites were forced into island operation mode, where they are no longer centrally managed.” He says the affected companies had a next-generation cybersecurity product in place that they assumed would protect them from any threat. It didn’t.
Read more…
Source: The New Zealand Herald News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- British National Pleads Guilty to Hacking into Companies and Stealing At Least $8 Million in Virtual Currency
April 17, 2026
SANTA ANA, California – A United Kingdom man pleaded guilty today to conspiring with others to hack into the computer systems of at least a dozen companies via text message phishing attacks and to steal at least $8 million in virtual currency from individual victims throughout the United States. Tyler Robert Buchanan, 24, of Dundee, Scotland, ...
- Dissecting Sapphire Sleet’s macOS intrusion from lure to compromise
April 16, 2026
Microsoft Threat Intelligence uncovered a macOS‑focused cyber campaign by the North Korean threat actor Sapphire Sleet that relies on social engineering rather than software vulnerabilities. By impersonating a legitimate software update, threat actors tricked users into manually running malicious files, allowing them to steal passwords, cryptocurrency assets, and personal data while avoiding built‑in macOS security checks. ...
- “iCloud storage is full” scam is back, and now it wants your payment details
April 16, 2026
A few months ago, we reported on a fake cloud storage alert that triggered a redirect chain to an app that has since been delisted from the Apple Store. The threat of losing your photos is a powerful lure, so scammers are now using it to steal personal and financial details. The Guardian warns about an ...
- Europol-supported global operation targets over 75 000 users engaged in DDoS attacks
April 16, 2026
On 13 April 2026, 21 countries joined forces in a coordinated action week that focused on enforcement and prevention measures against over 75 000 criminal users engaging in distributed denial-of-service (DDoS)-for-hire services. With over 75 000 warning emails and letters being sent to identified criminal users and 4 arrests, the action week also led to the ...
- Patch these critical Fortinet sandbox bugs that let attackers bypass login, run commands over HTTP
April 15, 2026
Watch out for more Fortinet vulns! Two critical bugs in Fortinet’s sandbox could allow unauthenticated attackers to bypass authentication or execute unauthorized code on vulnerable systems. Luckily, the security vendor has issued fixes – so patch now – and so far, there are no reports of active exploitation. But considering that the vulnerabilities are now public, ...
- From fake Proton VPN sites to gaming mods, this Windows infostealer is everywhere
April 15, 2026
Malwarebytes Labs researchers uncovered multiple campaigns distributing an infostealer we track as NWHStealer, using everything from fake VPN downloads to hardware utilities and gaming mods. What makes this campaign stand out isn’t just the malware, but how widely and convincingly it’s being spread. Once installed, it can collect browser data, saved passwords, and cryptocurrency wallet information, ...