Cloud Threat Landscape
  • Incidents
  • Actors
  • Techniques
  • Defenses
  • Tools
  • Targeted Technologies
  • Posters & Newspapers
  • About
  • RSS
  • STIX
  • Back to wiz.io
Cloud Threat Landscape

Kinsing campaigns (2023-2024)

Type
Campaign
Actors
👑Kinsing operator
Pub. date
August 29, 2023
Initial access
1-day vulnerabilitySoftware misconfig
Impact
Resource hijacking
Observed techniques
Misconfigured PostgreSQL abuse
Targeted technologies
OpenfirePostgreSQLWebLogicWordPressLiferayPHPUnitApache RocketMQ
References
https://www.aquasec.com/blog/kinsing-malware-exploits-novel-openfire-vulnerability/https://techcommunity.microsoft.com/t5/microsoft-defender-for-cloud/initial-access-techniques-in-kubernetes-environments-used-by/ba-p/3697975https://thehackernews.com/2024/05/kinsing-hacker-group-exploits-more.html
Status
Stub
Last edited
Jun 2, 2024 11:54 AM

Made with 💙 by Wiz

Last Updated: April 3, 2025