all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Looney Tunables bug exploited for cryptojacking

Add to bookmarks
Nov. 7, 2023, 9:35 a.m. | Helga Labus

Help Net Security www.helpnetsecurity.com

Kinsing threat actors have been spotted exploiting the recently disclosed Looney Tunables (CVE-2023-4911) vulnerability to covertly install cryptomining software into cloud-native environments. Kinsing (aka Money Libra) is a threat actor group that has been active since late 2021, targeting cloud-native environments and applications – Kubernetes clusters, Docker API, Redis, Jenkins and Openfire servers, cloud-hosted Apache NiFi instances, and so on – to deploy cryptominers. Kinsing exploiting PHPUnit and Looney Tunables vulnerabilities In this latest attack … More


The post …

actor api applications aqua security bug cloud cloud computing cloud-native cloud-native environments clusters cryptojacking cryptomining cve docker don't miss environments exploit exploited exploiting hot stuff install jenkins kinsing kubernetes kubernetes clusters libra linux looney tunables money openfire openfire servers redis servers software targeting threat threat actor threat actors tunables vulnerability

Visit resource

More from www.helpnetsecurity.com / Help Net Security

McAfee and Intel collaborate to combat deepfakes with Deepfake Detector 41 minutes ago | www.helpnetsecurity.com
advanced ai-powered consumers deepfake +16
Strategies for preventing AI misuse in cybersecurity 3 hours ago | www.helpnetsecurity.com
ai models ai tools analytics artificial intelligence +25
How to prepare for the CISSP exam: Tips from industry leaders 4 hours ago | www.helpnetsecurity.com
article certification certified ciso +24
Organizations go ahead with AI despite security risks 4 hours ago | www.helpnetsecurity.com
adoption ai adoption ai security amp +19
Privacy requests increased 246% in two years 5 hours ago | www.helpnetsecurity.com
access cybersecurity data data deletion +14
How MFA can improve your online security 5 hours ago | www.helpnetsecurity.com
access attacks authentication barr advisory +26
eBook: CISSP fundamentals in focus 6 hours ago | www.helpnetsecurity.com
access access control business career +22
Week in review: PoCs allow persistence on Palo Alto firewalls, Okta credential stuffing attacks 1 day ago | www.helpnetsecurity.com
alto articles attackers attacks +25
Bug hunters can get up to $450,000 for an RCE in Google’s Android apps 2 days, 18 hours ago | www.helpnetsecurity.com
android android apps app apps +17

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Sr Security Engineer - Colombia

@ Nubank | Colombia, Bogota
View on infosec-jobs.com

Security Engineer, Investigations - i3

@ Meta | Menlo Park, CA | Washington, DC | Remote, US
View on infosec-jobs.com

Cyber Security Engineer

@ ASSYSTEM | Bridgwater, United Kingdom
View on infosec-jobs.com

Security Analyst

@ Northwestern Memorial Healthcare | Chicago, IL, United States
View on infosec-jobs.com

GRC Analyst

@ Richemont | Shelton, CT, US
View on infosec-jobs.com

Security Specialist

@ Peraton | Government Site, MD, United States
View on infosec-jobs.com
View more jobs