Welcome to the 3rd edition Cyber Weekly Digest of 2024.
New and noteworthy this week: We are super excited to announce that Cyber Vigilance have partnered with CultureAI! For 2024 dull and ineffective, one size fits all security awareness tools are out, and data-driven, real-time training is in!
Now, let's take a look at our Cyber Weekly Digest, highlighting our top cyber security news picks of the week.
This week we were warned about ransomware attacks using TeamViewer, had an update on the Danish energy sector cyber attacks, learnt about high severity flaws in Bosch thermostats and was served a great article covering the surge of DDoS attacks in the environmental services industry!
Keep reading to stay up to date on the latest cyber security news.
Multiple security vulnerabilities have been disclosed in Bosch BCC100 thermostats and Rexroth NXA015S-36V-B smart nutrunners that, if successfully exploited, could allow attackers to execute arbitrary code on affected systems. Romanian cybersecurity firm Bitdefender, which discovered the flaw in Bosch BCC100 thermostats last August, said the issue could be weaponised by an attacker to alter the device firmware and implant a rogue version.
The cyber attacks targeting the energy sector in Denmark last year may not have had the involvement of the Russia-linked Sandworm hacking group, new findings from Forescout show. The intrusions, which targeted around 22 Danish energy organisations in May 2023, occurred in two distinct waves, one which exploited a security flaw in Zyxel firewall (CVE-2023-28771) and a follow-on activity cluster that saw the attackers deploy Mirai botnet variants on infected hosts via an as-yet-unknown initial access vector.
The Calvià City Council in Majorca announced it was targeted by a ransomware attack on Saturday, which impacted municipal services. Calvià is a historic town on the Spanish island of Majorca with a population of 50,000 and is one of Majorca's major tourism hotspots, estimated to receive 1.6 million visits annually. During the weekend, a cyberattack hit Calvia's systems, forcing the council to form a crisis committee to evaluate the damage done and formulate impact mitigation plans.
The environmental services industry witnessed an "unprecedented surge" in HTTP-based distributed denial-of-service (DDoS) attacks, accounting for half of all its HTTP traffic. This marks a 61,839% increase in DDoS attack traffic year-over-year, web infrastructure and security company Cloudflare said in its DDoS threat report for 2023 Q4 published last week. The uptick in HTTP attacks targeting environmental services websites is part of a larger trend observed annually over the past few years, specifically during COP 26 and COP 27, as well as other United Nations environment-related resolutions or announcements.
Ransomware actors are again using TeamViewer to gain initial access to organisation endpoints and attempt to deploy encryptors based on the leaked LockBit ransomware builder. TeamViewer is a legitimate remote access tool used extensively in the enterprise world, valued for its simplicity and capabilities. Unfortunately, the tool is also cherished by scammers and even ransomware actors, who use it to gain access to remote desktops, dropping and executing malicious files unhindered.