May 17, 2024 at 01:30PM Cloud security firm Aqua recently uncovered the evolving threat of Kinsing, a persistent cryptojacking group utilizing newly disclosed vulnerabilities to expand its botnet. The malware exploits various flaws to enroll systems in crypto-mining, targeting open-source applications and utilizing scripts and binaries to carry out attacks on Linux and Windows systems. … Read more
November 6, 2023 at 09:00AM A serious privilege escalation vulnerability, known as CVE-2023-4911 or Looney Tunables, has been exploited by the Kinsing threat group. The group, known for its cryptojacking operations, has targeted major Linux distributions. They have also started collecting new types of information, indicating a potential shift in their activities. Security firm Aqua … Read more
November 3, 2023 at 09:42AM The Kinsing threat actors are exploiting a Linux privilege escalation flaw called Looney Tunables in a new experimental campaign aimed at breaching cloud environments. They are also extracting credentials from Cloud Service Providers. This is the first documented instance of active exploitation of Looney Tunables, allowing the threat actors to … Read more