Kinsing Exploits Looney Tunables Vulnerability to Breach Cloud Environments

Threat Level – Red | Vulnerability Report
Download PDF

The threat actor Kinsing has recently been observed  exploiting the Linux privilege escalation vulnerability known as “Looney Tunables (CVE-2023-4911)” as part of a new campaign aimed at breaching cloud environments. This represents an expansion of their operations, as they are now attempting to collect credentials from Cloud Service Providers (CSPs). This development suggests a potential broadening of their operational scope and an increased threat to cloud-native environments.

What’s new on HivePro

Get through updates and upcoming events, and more directly in your inbox