Security Affairs newsletter Round 502 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter has arrived! Every week the best security articles from Security Affairs are free in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

- [IOCONTROL cyberweapon used to target infrastructure in the US and Israel](https://securityaffairs.com/171980/malware/iocontrol-cyberweapon-targets-us-isreael.html)
- [U.S. CISA adds Cleo Harmony, VLTrader, and LexiCom flaw to its Known Exploited Vulnerabilities catalog](https://securityaffairs.com/171973/security/u-s-cisa-adds-cleo-harmony-vltrader-and-lexicom-flaw-to-its-known-exploited-vulnerabilities-catalog.html)
- [German agency BSI sinkholed a botnet of 30,000 devices infected with BadBox](https://securityaffairs.com/171968/malware/bsi-sinkholed-badbox-botnet.html)
- [U.S. authorities seized cybercrime marketplace Rydox](https://securityaffairs.com/171956/cyber-crime/u-s-authorities-seized-marketplace-rydox.html)
- [Experts discovered the first mobile malware families linked to Russia’s Gamaredon](https://securityaffairs.com/171949/apt/gamaredon-used-two-new-android-spyware-tools.html)
- [US Bitcoin ATM operator Byte Federal suffered a data breach](https://securityaffairs.com/171941/data-breach/us-bitcoin-atm-operator-byte-federal-suffered-a-data-breach.html)
- [Experts discovered surveillance tool EagleMsgSpy used by Chinese law enforcement](https://securityaffairs.com/171904/malware/china-uses-eaglemsgspy-malware.html)
- [Operation PowerOFF took down 27 DDoS platforms across 15 countries](https://securityaffairs.com/171909/cyber-crime/operation-poweroff-took-down-27-ddos-platforms.html)
- [Russia’s Secret Blizzard APT targets Ukraine with Kazuar backdoor](https://securityaffairs.com/171896/apt/secret-blizzard-targets-ukraine-with-kazuar-backdoor.html)
- [Ivanti fixed a maximum severity vulnerability in its CSA solution](https://securityaffairs.com/171850/breaking-news/ivanti-maximum-severity-flaw-csa-solution.html)
- [Operation Digital Eye: China-linked relies on Visual Studio Code Remote Tunnels to spy on European entities](https://securityaffairs.com/171879/apt/operation-digital-china-apt-targets-europe.html)
- [Chinese national charged for hacking thousands of Sophos firewalls](https://securityaffairs.com/171870/security/chinese-national-charged-for-hacking-sophos-firewalls.html)
- [Cybercriminals Impersonate Dubai Police to Defraud Consumers in the UAE — Smishing Triad in Action](https://securityaffairs.com/171859/cyber-crime/smishing-triad-cybercriminals-impersonate-dubai-police.html)
- [U.S. CISA adds Microsoft Windows CLFS driver flaw to its Known Exploited Vulnerabilities catalog](https://securityaffairs.com/171851/hacking/u-s-cisa-adds-microsoft-windows-clfs-driver-flaw-to-its-known-exploited-vulnerabilities-catalog.html)
- [Microsoft December 2024 Patch Tuesday addressed actively exploited zero-day](https://securityaffairs.com/171845/security/microsoft-december-2024-patch-tuesday.html)
- [SAP fixed critical SSRF flaw in NetWeaver’s Adobe Document Services](https://securityaffairs.com/171839/security/sap-fixed-critical-ssrf-flaw-netweaver.html)
- [Romanian energy supplier Electrica Group is facing a ransomware attack](https://securityaffairs.com/171832/hacking/electrica-group-ransomware-attack.html)
- [Deloitte denied its systems were hacked by Brain Cipher ransomware group](https://securityaffairs.com/171827/cyber-crime/deloitte-denied-its-systems-were-hacked-by-brain-cipher-ransomware-group.html)
- [Mandiant devised a technique to bypass browser isolation using QR codes](https://securityaffairs.com/171809/hacking/bypass-browser-isolation-using-qr-codes.html)
- [2023 Anna Jaques Hospital data breach impacted over 310,000 people](https://securityaffairs.com/171801/data-breach/anna-jaques-hospital-data-breach.html)
- [RedLine info-stealer campaign targets Russian businesses through pirated corporate software](https://securityaffairs.com/171771/cyber-crime/redline-info-stealer-campaign-targets-russian-businesses.html)

**International Press — Newsletter**

**Cybercrime**

- [Anna Jaques Hospital ransomware breach exposed data of 300K patients](https://www.bleepingcomputer.com/news/security/anna-jaques-hospital-ransomware-breach-exposed-data-of-300k-patients/)
- [Black Basta Ransomware Campaign Drops Zbot, DarkGate, and Custom Malware](https://www.rapid7.com/blog/post/2024/12/04/black-basta-ransomware-campaign-drops-zbot-darkgate-and-custom-malware/)
- [It’s time to get to know deepfakes before they get to know you](https://fortune.com/2024/12/02/deepfakes-accenture-commentary/)
- [Law enforcement shuts down 27 DDoS booters ahead of annual Christmas attacks](https://www.europol.europa.eu/media-press/newsroom/news/law-enforcement-shuts-down-27-ddos-booters-ahead-of-annual-christmas-attacks)
- [Rydox Cybercrime Marketplace Shut Down and Three Administrators Arrested](https://www.justice.gov/opa/pr/rydox-cybercrime-marketplace-shut-down-and-three-administrators-arrested)
- [The ‘Ghost Gun’ Linked to Luigi Mangione Shows Just How Far 3D-Printed Weapons Have Come](https://www.wired.com/story/luigi-mangione-united-healthcare-3d-printed-gun-fmda-chairmanwon-v1/)

**Malware**

- [PROXY.AM Powered by Socks5Systemz Botnet](https://www.bitsight.com/blog/proxyam-powered-socks5systemz-botnet)
- [Inside Zloader’s Latest Trick: DNS Tunneling](https://www.zscaler.com/blogs/security-research/inside-zloader-s-latest-trick-dns-tunneling)
- [BSI points out pre-installed malware on IoT devices](https://www.bsi.bund.de/DE/Service-Navi/Presse/Pressemitteilungen/Presse2024/241212_Badbox_Sinkholing.html)
- [Declawing PUMAKIT](https://www.elastic.co/security-labs/declawing-pumakit)
- [Lookout Discovers New Chinese Surveillance Tool Used by Public Security Bureaus](https://www.lookout.com/threat-intelligence/article/eaglemsgspy-chinese-android-surveillanceware)

**Hacking**

- [(QR) Coding My Way Out of Here: C2 in Browser Isolation Environments](https://cloud.google.com/blog/topics/threat-intelligence/c2-browser-isolation-environments/)
- [Researchers Uncover Prompt Injection Vulnerabilities in DeepSeek and Claude AI](https://thehackernews.com/2024/12/researchers-uncover-prompt-injection.html)
- [From Naptime to Big Sleep: Using Large Language Models To Catch Vulnerabilities In Real-World Code](https://googleprojectzero.blogspot.com/2024/10/from-naptime-to-big-sleep.html)
- [Key electricity distributor in Romania warns of ‘cyber attack in progress’](https://therecord.media/electric-distributor-cyberattack-romania)
- [An offensive Rust encore](https://security.humanativaspa.it/an-offensive-rust-encore/)
- [China-Based Hacker Charged for Conspiring to Develop and Deploy Malware That Exploited Tens of Thousands of Firewalls Worldwide](https://www.justice.gov/opa/pr/china-based-hacker-charged-conspiring-develop-and-deploy-malware-exploited-tens-thousands)
- [Not All Roads Lead to PWN2OWN: Hardware Hacking (Part 1)](https://www.hacktivesecurity.com/index.php/2024/12/10/not-all-roads-lead-to-pwn2own-hardware-hacking-part-1/)
- [BadRAM: Practical Memory Aliasing Attacks on Trusted Execution Environments](https://badram.eu/)
- [Teaching an Old Framework New Tricks: The Dangers of Windows UI Automation](https://www.akamai.com/blog/security-research/2024-december-windows-ui-automation-attack-technique-evades-edr)
- [Threat Advisory: Oh No Cleo! Cleo Software Actively Being Exploited in the Wild](https://www.huntress.com/blog/threat-advisory-oh-no-cleo-cleo-software-actively-being-exploited-in-the-wild)

**Intelligence and Information Warfare**

- [New documentary details how governments use spyware to monitor citizens’ phones](https://www.pbs.org/newshour/amp/show/new-documentary-details-how-governments-use-spyware-to-monitor-citizens-phones)
- [Operation Digital Eye | Chinese APT Compromises Critical Digital Infrastructure via Visual Studio Code Tunnels](https://www.sentinelone.com/labs/operation-digital-eye-chinese-apt-compromises-critical-digital-infrastructure-via-visual-studio-code-tunnels/)
- [US Senator announces new bill to secure telecom companies in wake of Chinese hacks](https://techcrunch.com/2024/12/10/us-senator-announces-new-bill-to-secure-telecom-companies-in-wake-of-chinese-hacks/)
- [Targeted cyberattacks UAC-0185 against the Defense Forces and defense industry enterprises of Ukraine (CERT-UA#12414)](https://cert.gov.ua/article/6281632)
- [Frequent freeloader part II: Russian actor Secret Blizzard using tools of other groups to attack Ukraine](https://www.microsoft.com/en-us/security/blog/2024/12/11/frequent-freeloader-part-ii-russian-actor-secret-blizzard-using-tools-of-other-groups-to-attack-ukraine/)
- [Lookout Discovers Two Russian Android Spyware Families from Gamaredon APT](https://www.lookout.com/threat-intelligence/article/gamaredon-russian-android-surveillanceware)
- [Inside a New OT/IoT Cyberweapon: IOCONTROL](https://claroty.com/team82/research/inside-a-new-ot-iot-cyber-weapon-iocontrol)

**Cybersecurity**

- [He Investigates the Internet’s Most Vicious Hackers—From a Secret Location](https://www.wsj.com/tech/cybersecurity/hacking-brian-krebs-snowflake-waifu-49b87fce)
- [The December 2024 Security Update Review](https://www.zerodayinitiative.com/blog/2024/12/10/the-december-2024-security-update-review)
- [WhatsApp fixes bug that let users bypass ‘View Once’ privacy feature](https://techcrunch.com/2024/12/09/whatsapp-fixes-bug-that-let-users-bypass-view-once-privacy-feature/)
- [Treasury Sanctions Cybersecurity Company Involved in Compromise of Firewall Products and Attempted Ransomware Attacks](https://home.treasury.gov/news/press-releases/jy2742)
- [Yahoo cybersecurity team sees layoffs, outsourcing of ‘red team,’ under new CTO](https://techcrunch.com/2024/12/12/yahoo-cybersecurity-team-sees-layoffs-outsourcing-of-red-team-under-new-cto/)

Follow me on Twitter: [**@securityaffairs**](https://twitter.com/securityaffairs) and [**Facebook**](https://www.facebook.com/sec.affairs) and [Mastodon](https://infosec.exchange/@securityaffairs)

[**Pierluigi Paganini**](http://www.linkedin.com/pub/pierluigi-paganini/b/742/559)

**(**[**SecurityAffairs**](http://securityaffairs.co/wordpress/) **–** **hacking, newsletter)**
