Kinsing Crypto Malware Hits Kubernetes Clusters via Misconfigured PostgreSQL
To gain initial access to Kubernetes environments, the threat actors behind the Kinsing cryptojacking operation have been seen exploiting unprotected and misconfigured PostgreSQL servers.
According to a report published last week by Sunders Bruskin, a security researcher at Microsoft Defender for Cloud, a second initial access vector involves the use of vulnerable images.
Kinsing has a long history of attacking containerized environments, frequently abusing misconfigured, open Docker daemon API ports and making use of recently discovered exploits to install cryptocurrency mining software.
The threat actor has previously been observed terminating and uninstalling competing resource-intensive services and processes, as well as using...