Run by the team at orchestration, AI, and automation platform Tines, the Tines library contains pre-built workflows shared by real security practitioners from across the community, all of which are free to import and deploy via the Community Edition of the platform. Their bi-annual “You Did What with Tines?!” competition highlights some of the most […]
Author Archives: Onsite Computing, Inc.
Cybersecurity researchers have uncovered a new Linux rootkit called PUMAKIT that comes with capabilities to escalate privileges, hide files and directories, and conceal itself from system tools, while simultaneously evading detection. “PUMAKIT is a sophisticated loadable kernel module (LKM) rootkit that employs advanced stealth mechanisms to hide its presence and maintain communication with […]
A sophisticated social engineering cybercrime campaign bent on financial gain was observed being run from Tencent servers in Singapore. Author: Tara Seals, Managing Editor, News, Dark Reading
The U.S. Department of Justice (DoJ) on Thursday announced the shutdown of an illicit marketplace called Rydox (“rydox.ru” and “rydox[.]cc”) for selling stolen personal information, access devices, and other tools for conducting cybercrime and fraud. In tandem, three Kosovo nationals and administrators of the service, Ardit Kutleshi, Jetmir Kutleshi, and Shpend Sokoli, have been arrested. […]
A new Linux rootkit malware called Pumakit has been discovered that uses stealth and advanced privilege escalation techniques to hide its presence on systems. […] Author: Bill Toulas
International law enforcement operation seizes the Rydox cybercrime marketplace and arrests three administrators. […] Author: Sergiu Gatlan
Open source Prometheus servers and exporters are leaking plaintext passwords and tokens, along with API addresses of internal locations. Author: Nate Nelson, Contributing Writer
Law enforcement across mainland China have been using the EagleMsgSpy surveillance tool to collect mobile device data since at least 2017, new research shows. Author: Becky Bracken, Senior Editor, Dark Reading
Researchers demonstrate how to hack Ruijie Reyee access points without Wi-Fi credentials or even physical access to the device. Author: Becky Bracken, Senior Editor, Dark Reading
Iranian threat actors are utilizing a new malware named IOCONTROL to compromise Internet of Things (IoT) devices and OT/SCADA systems used by critical infrastructure in Israel and the United States. […] Author: Bill Toulas
