Type
Campaign
Actors
Kinsing operator
Pub. date
August 29, 2023
Initial access
1-day vulnerabilitySoftware misconfig
Impact
Resource hijacking
Observed techniques
Misconfigured PostgreSQL abuse
Targeted technologies
OpenfirePostgreSQLWebLogicWordPressLiferayPHPUnitApache RocketMQ
References
https://www.aquasec.com/blog/kinsing-malware-exploits-novel-openfire-vulnerability/https://techcommunity.microsoft.com/t5/microsoft-defender-for-cloud/initial-access-techniques-in-kubernetes-environments-used-by/ba-p/3697975https://thehackernews.com/2024/05/kinsing-hacker-group-exploits-more.html
Status
Stub
Last edited
Jun 2, 2024 11:54 AM