A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box.
Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.
| IOCONTROL cyberweapon used to target infrastructure in the US and Isreael |
| U.S. CISA adds Cleo Harmony, VLTrader, and LexiCom flaw to its Known Exploited Vulnerabilities catalog |
| German agency BSI sinkholed a botnet of 30,000 devices infected with BadBox |
| U.S. authorities seized cybercrime marketplace Rydox |
| Experts discovered the first mobile malware families linked to Russia’s Gamaredon |
| US Bitcoin ATM operator Byte Federal suffered a data breach |
| Experts discovered surveillance tool EagleMsgSpy used by Chinese law enforcement |
| Operation PowerOFF took down 27 DDoS platforms across 15 countries |
| Russia’s Secret Blizzard APT targets Ukraine with Kazuar backdoor |
| Ivanti fixed a maximum severity vulnerability in its CSA solution |
| Operation Digital Eye: China-linked relies on Visual Studio Code Remote Tunnels to spy on Europen entities |
| Chinese national charged for hacking thousands of Sophos firewalls |
| Cybercriminals Impersonate Dubai Police to Defraud Consumers in the UAE – Smishing Triad in Action |
| U.S. CISA adds Microsoft Windows CLFS driver flaw to its Known Exploited Vulnerabilities catalog |
| Microsoft December 2024 Patch Tuesday addressed actively exploited zero-day |
| SAP fixed critical SSRF flaw in NetWeaver’s Adobe Document Services |
| Romanian energy supplier Electrica Group is facing a ransomware attack |
| Deloitte denied its systems were hacked by Brain Cipher ransomware group |
| Hacking |
| Mandiant devised a technique to bypass browser isolation using QR codes |
| 2023 Anna Jaques Hospital data breach impacted over 310,000 people |
| RedLine info-stealer campaign targets Russian businesses through pirated corporate software |
International Press – Newsletter
Cybercrime
Anna Jaques Hospital ransomware breach exposed data of 300K patients
Black Basta Ransomware Campaign Drops Zbot, DarkGate, and Custom Malware
It’s time to get to know deepfakes before they get to know you
Law enforcement shuts down 27 DDoS booters ahead of annual Christmas attacks
Rydox Cybercrime Marketplace Shut Down and Three Administrators Arrested
The ‘Ghost Gun’ Linked to Luigi Mangione Shows Just How Far 3D-Printed Weapons Have Come
Malware
PROXY.AM Powered by Socks5Systemz Botnet
Inside Zloader’s Latest Trick: DNS Tunneling
BSI points out pre-installed malware on IoT devices
Declawing PUMAKIT
Lookout Discovers New Chinese Surveillance Tool Used by Public Security Bureaus
Hacking
(QR) Coding My Way Out of Here: C2 in Browser Isolation Environments
Researchers Uncover Prompt Injection Vulnerabilities in DeepSeek and Claude AI
From Naptime to Big Sleep: Using Large Language Models To Catch Vulnerabilities In Real-World Code
Key electricity distributor in Romania warns of ‘cyber attack in progress’
An offensive Rust encore
China-Based Hacker Charged for Conspiring to Develop and Deploy Malware That Exploited Tens of Thousands of Firewalls Worldwide
Not All Roads Lead to PWN2OWN: Hardware Hacking (Part 1)
BadRAM:Practical Memory Aliasing Attacks on Trusted Execution Environments
Teaching an Old Framework New Tricks: The Dangers of Windows UI Automation
Threat Advisory: Oh No Cleo! Cleo Software Actively Being Exploited in the Wild
Intelligence and Information Warfare
New documentary details how governments use spyware to monitor citizens’ phones
Operation Digital Eye | Chinese APT Compromises Critical Digital Infrastructure via Visual Studio Code Tunnels
US Senator announces new bill to secure telecom companies in wake of Chinese hacks
Targeted cyberattacks UAC-0185 against the Defense Forces and defense industry enterprises of Ukraine (CERT-UA#12414)
Frequent freeloader part II: Russian actor Secret Blizzard using tools of other groups to attack Ukraine
Lookout Discovers Two Russian Android Spyware Families from Gamaredon APT
Inside a New OT/IoT Cyberweapon: IOCONTROL
Cybersecurity
He Investigates the Internet’s Most Vicious Hackers—From a Secret Location
The December 2024 Security Update Review
WhatsApp fixes bug that let users bypass ‘View Once’ privacy feature
Treasury Sanctions Cybersecurity Company Involved in Compromise of Firewall Products and Attempted Ransomware Attacks
Yahoo cybersecurity team sees layoffs, outsourcing of ‘red team,’ under new CTO
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
Pierluigi Paganini
(SecurityAffairs – hacking, newsletter)
