November 21, 2023 at 01:01PM The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has ordered federal agencies to secure their systems against an actively exploited vulnerability called ‘Looney Tunables.’ The vulnerability allows attackers to gain root privileges on major Linux distributions. The flaw affects popular platforms like Fedora, Ubuntu, and Debian. Administrators are advised to … Read more
November 6, 2023 at 03:26PM The Kinsing malware operators are targeting vulnerable cloud environments using a Linux security issue known as “Looney Tunables” (CVE-2023-4911). The malware exploits this vulnerability to gain root privileges on compromised systems. Kinsing is known for breaching cloud-based systems and deploying cryptomining software. Recent attacks have targeted Kubernetes clusters through misconfigured … Read more
November 3, 2023 at 09:42AM The Kinsing threat actors are exploiting a Linux privilege escalation flaw called Looney Tunables in a new experimental campaign aimed at breaching cloud environments. They are also extracting credentials from Cloud Service Providers. This is the first documented instance of active exploitation of Looney Tunables, allowing the threat actors to … Read more