Lucene search

K
hiveproHiveForce LabsHIVEPRO:CDD33FA940829C6CB648ABD43FFE25E9
HistoryNov 07, 2023 - 8:23 a.m.

Kinsing Exploits Looney Tunables Vulnerability to Breach Cloud Environments

2023-11-0708:23:12
HiveForce Labs
www.hivepro.com
29
kinsing
looney tunables
vulnerability
breach
cloud environments
operations
cloud service providers
threat
advisory
linux
privilege escalation

AI Score

7.2

Confidence

Low

EPSS

0.016

Percentile

87.4%

Threat Level Actor Report For a detailed threat advisory, download the pdf file here Summary The threat actor Kinsing has recently been observed exploiting the Linux privilege escalation vulnerability known as "Looney Tunables (CVE-2023-4911)" as part of a new campaign aimed at breaching cloud environments. This represents an expansion of their operations, as they are now attempting to collect credentials from Cloud Service Providers (CSPs). This development suggests a potential broadening of their operational scope and an increased threat to cloud-native environments. To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn.