"Exploited 'Looney Tunables' Linux Privileged Escalation Bug Linked To Kinsing Threat Actor"
Aqua Nautilus researchers reported the first instance of an exploit attack on the "Looney Tunables" Linux privileged escalation vulnerability. They say they are "100% certain" that the threat actor Kinsing was behind the attack, but they are not ready to reveal how. Kinsing poses a significant threat to cloud environments, specifically Kubernetes clusters, Docker Application Programming Interfaces (APIs), Redis servers, and Jenkins servers. They are a challenging adversary due to their ability to quickly adapt to new vulnerabilities and their persistent efforts to exploit misconfigurations. This article continues to discuss the Kinsing threat actor being linked to the exploitation of the Looney Tunables bug and the threat actor's recent targeting of Openfire servers.
Submitted by grigby1