11.Locks IsometricPattern

Malicious actors such as Kinsing are taking advantage of both recently disclosed and older security flaws in Oracle WebLogic Server to deliver cryptocurrency-mining malware.

 

Cybersecurity company Trend Micro said it found the financially-motivated group leveraging the vulnerability to drop Python scripts with capabilities to disable operating system (OS) security features such as Security-Enhanced Linux (SELinux), and others.

The operators behind the Kinsing malware have a history of scanning for vulnerable servers to co-opt them into a botnet, including that of RedisSaltStackLog4ShellSpring4Shell, and the Atlassian Confluence flaw (CVE-2022-26134).