Packet Storm Hard Reboot

Posted: 2024-12-05
Source: Packet Storm
Tag(s): Headline, Hacker



Over the past quarter century, Packet Storm Security has been regarded as a comprehensive and well-established online resource dedicated to cybersecurity and emerging threats. Security professionals, researchers, and enthusiasts use Packet Storm as a centralized hub for access to a vast repository of up-to-date security content.

Today we are pleased to announce that Packet Storm has been completely burned down and rebuilt (drastic, we know). Everything has been refreshed, from the bare metal up. The only thing that remains untouched is the archive. The updates were long overdue, and they mark the beginning of something much bigger.

You shouldn’t experience any changes to your account or credentials. If you find anything to be broken, please don’t hesitate to mail us at staff@packetstormsecurity.com. We will be using December to get some much needed burn-in time, and in January, we will launch new Premium services.


Improvements

New domain: https://packetstorm.news/ Old links will still work, and are redirected.

Mobile-friendly browsing: Packet Storm has finally been optimized for mobile access. Smart phones seem to be catching on, and our reaction time is amazing on this one.

Search upgrades: Search now allows for up to 5 terms, and results can be viewed in both "most relevant" and "newest" listings.  Files, News, Users, and CVEs can also be searched.

Detailed Help Section: This section of Packet Storm includes everything from guidance on fixing vulnerabilities to overviews on how to use the site. Please check this section before emailing us with any questions.

Secure Messaging: Messaging between users is now cleaner and data is encrypted at rest.  Both users must follow each other on Packet Storm in order to communicate.

Enhanced privacy settings: We’ve improved users’ ability to control social and email address visibility. You can select your account Privacy details from User Settings.  

The return of voting! Do you have ideas for new questions or features? Share with us. There's no better place to get the pulse of the security community than from the voices of the practitioners. Many fun polls are already enabled, so log in or create an account to give your opinion today!


New Features

Premium services: Advertising services and API access will be offered with a subscription (beginning in January). You can start playing with the development API today and test integrating into your SIEM. Additional Premium services are in the works.

Collections: New in-site bookmarking and organizational functionalities have been added to increase the utility of the site. Whether you're planning an op or just want to keep track of a particular issue, Collections will be extremely helpful. Users can create up to 20 collections containing up to 100 entries each. Collections can be created and edited in User Settings.

Enhanced account security: Our authentication backend has been completely rebuilt from scratch. We now offer TOTP and WebAuthn as second factors. Please use them! 

Favorites: You can mark files, news articles, or sources as Favorites. Favorites are displayed on your profile page for easy tracking and reference, as well as in your Activity Timeline.

Activity Timelines: The users you follow on Packet Storm will now show up in your Activity Timeline. Your Activity Timeline will also show you if a followed user creates a Collection that is visible to you, if they Favorite a file, news article, or researcher/source of a file, or if they are a researcher and have a new file posted. It's like a social networking feed without all the annoying conspiracy theories.


Removed Functionalities

RSS feeds: This feature was being heavily abused. The API will provide this access for organizations in the new year. We have temporarily enabled the last 25 files and news feeds to soften the blow. You can find their links in the help section.  If demand is there, we may offer these at a lower cost than the API.

Free-form text fields: Fields for including personal homepage and blurbs are now toast. We are done with SEO farms targeting us. Abuse of any other functionality by SEO farms will result in immediate deletion and public shaming.

Users purged: We disabled over 20,000 accounts by malicious actors and have added mitigations so that SEO farms cannot repeat this behavior.


Final Notes

Rate limiting: The new rate limiting is extensive and exists in many areas. During the beta, this may trip up normal users. Please alert us if it does. There are only so many real world situations we can emulate during testing. We may loosen these depending on whether or not we get crushed under our normal traffic loads.

Planned Downtime: There will be downtime or disabled functionality during December as we shake out any remaining bugs. Please be patient and expect it.


Thank you to our Community

Packet Storm is very grateful for all of the researchers and organizations that have supported us over the years. We hope our new offerings vastly improve upon the usability of Packet Storm as a comprehensive resource. We look forward to announcing another big feature early next year, and we will continue working to expand the coverage of security issues we report on. 

Check out our About page to understand our mission statement.

Have any questions?  Hit us up at staff@packetstormsecurity.com.

Packet Storm Hard Reboot

Posted: 2024-12-05
Source: Packet Storm
Tag(s): Headline, Hacker



Over the past quarter century, Packet Storm Security has been regarded as a comprehensive and well-established online resource dedicated to cybersecurity and emerging threats. Security professionals, researchers, and enthusiasts use Packet Storm as a centralized hub for access to a vast repository of up-to-date security content.

Today we are pleased to announce that Packet Storm has been completely burned down and rebuilt (drastic, we know). Everything has been refreshed, from the bare metal up. The only thing that remains untouched is the archive. The updates were long overdue, and they mark the beginning of something much bigger.

You shouldn’t experience any changes to your account or credentials. If you find anything to be broken, please don’t hesitate to mail us at staff@packetstormsecurity.com. We will be using December to get some much needed burn-in time, and in January, we will launch new Premium services.


Improvements

New domain: https://packetstorm.news/ Old links will still work, and are redirected.

Mobile-friendly browsing: Packet Storm has finally been optimized for mobile access. Smart phones seem to be catching on, and our reaction time is amazing on this one.

Search upgrades: Search now allows for up to 5 terms, and results can be viewed in both "most relevant" and "newest" listings.  Files, News, Users, and CVEs can also be searched.

Detailed Help Section: This section of Packet Storm includes everything from guidance on fixing vulnerabilities to overviews on how to use the site. Please check this section before emailing us with any questions.

Secure Messaging: Messaging between users is now cleaner and data is encrypted at rest.  Both users must follow each other on Packet Storm in order to communicate.

Enhanced privacy settings: We’ve improved users’ ability to control social and email address visibility. You can select your account Privacy details from User Settings.  

The return of voting! Do you have ideas for new questions or features? Share with us. There's no better place to get the pulse of the security community than from the voices of the practitioners. Many fun polls are already enabled, so log in or create an account to give your opinion today!


New Features

Premium services: Advertising services and API access will be offered with a subscription (beginning in January). You can start playing with the development API today and test integrating into your SIEM. Additional Premium services are in the works.

Collections: New in-site bookmarking and organizational functionalities have been added to increase the utility of the site. Whether you're planning an op or just want to keep track of a particular issue, Collections will be extremely helpful. Users can create up to 20 collections containing up to 100 entries each. Collections can be created and edited in User Settings.

Enhanced account security: Our authentication backend has been completely rebuilt from scratch. We now offer TOTP and WebAuthn as second factors. Please use them! 

Favorites: You can mark files, news articles, or sources as Favorites. Favorites are displayed on your profile page for easy tracking and reference, as well as in your Activity Timeline.

Activity Timelines: The users you follow on Packet Storm will now show up in your Activity Timeline. Your Activity Timeline will also show you if a followed user creates a Collection that is visible to you, if they Favorite a file, news article, or researcher/source of a file, or if they are a researcher and have a new file posted. It's like a social networking feed without all the annoying conspiracy theories.


Removed Functionalities

RSS feeds: This feature was being heavily abused. The API will provide this access for organizations in the new year. We have temporarily enabled the last 25 files and news feeds to soften the blow. You can find their links in the help section.  If demand is there, we may offer these at a lower cost than the API.

Free-form text fields: Fields for including personal homepage and blurbs are now toast. We are done with SEO farms targeting us. Abuse of any other functionality by SEO farms will result in immediate deletion and public shaming.

Users purged: We disabled over 20,000 accounts by malicious actors and have added mitigations so that SEO farms cannot repeat this behavior.


Final Notes

Rate limiting: The new rate limiting is extensive and exists in many areas. During the beta, this may trip up normal users. Please alert us if it does. There are only so many real world situations we can emulate during testing. We may loosen these depending on whether or not we get crushed under our normal traffic loads.

Planned Downtime: There will be downtime or disabled functionality during December as we shake out any remaining bugs. Please be patient and expect it.


Thank you to our Community

Packet Storm is very grateful for all of the researchers and organizations that have supported us over the years. We hope our new offerings vastly improve upon the usability of Packet Storm as a comprehensive resource. We look forward to announcing another big feature early next year, and we will continue working to expand the coverage of security issues we report on. 

Check out our About page to understand our mission statement.

Have any questions?  Hit us up at staff@packetstormsecurity.com.

 About | Terms | Copyright | Privacy | BlueSky | X | Mastodon
 © 2024 - 2025
All Rights Reserved Packet Storm Security, LLC
Hosting provided by: RokaSecurity