Monthly Security Bulletin – August 2023

1. New tool exploits Microsoft Teams bug to send malware to users.

2. New StackRot Linux kernel flaw allows privilege escalation.

3. New ‘Big Head’ ransomware displays fake Windows update alert.

4. Charming Kitten hackers use new ‘NokNok’ malware for macOS.

5. VMware warns of exploit available for critical vRealize RCE bug.

6. Microsoft: Chinese hackers breached US govt Exchange email accounts.

7. New PyLoose Linux malware mines crypto directly from memory.

8. Cyberattacks through Browser Extensions – the Importance of MFA.

9. AVrecon malware infects 70,000 Linux routers to build botnet.

10. Spotify reportedly makes users’ private playlists public.

11. Thousands of images on Docker Hub leak auth secrets, private keys.

12. Tracking Down a Suspect through Cell Phone Records.

13. Cybersecurity firm Sophos impersonated by new SophosEncrypt ransomware.

14. Stolen Azure AD key offered widespread access to Microsoft cloud services.

15. Lazarus hackers hijack Microsoft IIS servers to spread malware.

16. Super Admin elevation bug puts 900,000 MikroTik devices at risk.

17. Almost 40% of Ubuntu users vulnerable to new privilege elevation flaws.

18. AI in the Wild: Malicious Applications of Mainstream AI Tools.

19. Linux version of Abyss Locker ransomware targets VMware ESXi servers.