A joint Cybersecurity Advisory (CSA) titled "People's Republic of China-Linked Cyber Actors Hide in Router Firmware" regarding the activities of the BlackTech cyber actor group has been released by the National Security Agency (NSA), Federal Bureau of Investigation (FBI), US Cybersecurity and Infrastructure Security Agency (CISA), Japan National Police Agency (NPA), and Japan National Center of Incident Readiness and Strategy for Cybersecurity (NISC). BlackTech, also known as Palmerworm, Temp.

Threat actors are using an existing technique of zero-point font obfuscation in a novel way to trick Microsoft Outlook users into thinking antivirus scans have successfully vetted phishing emails. The technique could increase the likelihood of phishing emails bypassing security measures and convincing recipients to fall for scams. Jan Kopriva, an analyst at the SANS Internet Storm Center, discovered a phishing email that used text written in a font with zero-pixel size, an obfuscation technique first documented by researchers at Avanan in 2018 and dubbed ZeroFont Phishing.

To steal authentication secrets and credentials from developers, hackers are compromising GitHub accounts and inserting malicious code disguised as Dependabot contributions. In July 2023, researchers discovered strange commits on hundreds of public and private repositories that were made to appear as Dependabot commits. Dependabot is an automated GitHub tool that scans projects for vulnerable dependencies and automatically issues pull requests to install updated versions.

A new malware strain called ZenRAT is distributed via fake installation packages of the Bitwarden password manager. According to Proofpoint researchers, the malware is a modular Remote Access Trojan (RAT) capable of stealing information. ZenRAT is hosted on fake websites claiming to be associated with Bitwarden, but it is unknown how traffic is being directed to the domains. In the past, such malware was spread through phishing, malvertising, and Search Engine Optimization (SEO) poisoning attacks. This article continues to discuss findings regarding the new ZenRAT malware strain.

According to Veracode, apps developed by organizations in Europe, the Middle East, and Africa tend to have more security vulnerabilities than those made by their US counterparts. EMEA also has the highest percentage of high-severity vulnerabilities, which, if exploited, would pose a significant problem to businesses. Researchers discovered that over 80 percent of apps developed by EMEA organizations contained at least one security vulnerability detected in their latest scan over the last 12 months, compared to about 73 percent of apps developed by US organizations.

Mozilla recently announced security updates for both Firefox and Thunderbird, addressing a total of nine vulnerabilities in its products, including high-severity flaws.  Firefox 118 was released to the stable channel with patches for all nine vulnerabilities, which are memory issues, and most could lead to exploitable crashes.  According to Mozilla, the first two high-severity flaws tracked as CVE-2023-5168 and CVE-2023-5169 are out-of-bounds write issues in the browser’s FilterNodeD2D1 and PathOps components.

Northeastern University professor of electrical and computer engineering and computer science Kevin Fu has found a method to extract audio from images and even muted videos. Using Side Eye, a Machine Learning-based tool that Fu and his research team developed, it is possible to determine the gender and precise words of a person speaking in a room where a picture was taken. Side Eye introduces an entirely new world of cybersecurity threats that people and cybersecurity professionals should be aware of.

By krahal

By grigby1 

By aekwall