Microsoft: Kubernetes Clusters Hacked in Malware Campaign via PostgreSQL
1 min read
Jan 11, 2023
The Kinsing malware is now actively breaching Kubernetes clusters by leveraging known weaknesses in container images and misconfigured, exposed PostgreSQL containers.
While these tactics aren't novel, Microsoft's Defender for Cloud team reports they have seen an uptick lately, indicating that the threat actors are actively looking for specific entry points.
Kinsing is a Linux malware with a history of targeting containerized environments for crypto mining, using the breached server's hardware resources to generate revenue for the threat actors.
The threat actors behind Kinsing are known for exploiting known vulnerabilities like Log4Shell, and, more recently, an Atlassian Confluence RCE to breach targets and establish persistence.
Related Articles
1 - 0 min read
Tsurugi Linux: A Game-Changing DFIR Analysis Tool
1 - 0 min read
Latest WSL Update Brings Strong Security Mechanisms
1 - 0 min read
Supershell – Open-Source Botnet That Obtain SSH Shell Access
