cognitive cybersecurity intelligence

News and Analysis

Hackers exploit Looney Tunables Linux bug, steal cloud creds

Kinsing malware is targeting cloud environments via a Linux issue, CVE-2023-4911, aka “Looney Tunables,” which lets attackers gain root privileges. In a report, Aqua Nautilus detailed the threat actor’s use of this flaw to enhance permissions on compromised machines. Kinsing, which deploys cryptomining software, uses a PHPUnit vulnerability before triggering the Looney Tunables issue for privilege escalation. Investigators believe this campaign differed from usual tactics, indicating an experimental approach.

Source: www.bleepingcomputer.com –

Subscribe to newsletter

Subscribe to HEAL Security Dispatch for the latest healthcare cybersecurity news and analysis.

More Posts

'This creates a layered form of obfuscation': New report says criminals are using emojis to avoid detection – TechRadar

'This creates a layered form of obfuscation': New report says criminals are using emojis to avoid detection – TechRadar

‘This creates a layered form of obfuscation’: New report says criminals are using emojis to avoid detection TechRadar

FBI IC3: Healthcare sector leads in ransomware attacks – TechTarget

FBI IC3: Healthcare sector leads in ransomware attacks – TechTarget

FBI IC3: Healthcare sector leads in ransomware attacks TechTarget

Hack-for-hire spyware campaign targets journalists in Middle East, North Africa – CyberScoop

Hack-for-hire spyware campaign targets journalists in Middle East, North Africa – CyberScoop

Hack-for-hire spyware campaign targets journalists in Middle East, North Africa CyberScoop

Masjesu Botnet Emerges as DDoS-for-Hire Service Targeting Global IoT Devices

Masjesu Botnet Emerges as DDoS-for-Hire Service Targeting Global IoT Devices

Cybersecurity researchers have lifted the curtain on a stealthy botnet that’s designed for distributed denial-of-service (DDoS) attacks. Called Masjesu, the botnet has been advertised via Telegram