11.Locks IsometricPattern

Malicious actors such as Kinsing are taking advantage of both recently disclosed and older security flaws in Oracle WebLogic Server to deliver cryptocurrency-mining malware.


Cybersecurity company Trend Micro said it found the financially-motivated group leveraging the vulnerability to drop Python scripts with capabilities to disable operating system (OS) security features such as Security-Enhanced Linux (SELinux), and others.

The operators behind the Kinsing malware have a history of scanning for vulnerable servers to co-opt them into a botnet, including that of RedisSaltStack, Log4Shell, Spring4Shell, and the Atlassian Confluence flaw (CVE-2022-26134).

The link for this article located at The Hacker News is no longer available.