Type to search
Advanced channel search

SearcheeBot

Your guide in the world of telegram channels
img
ad

Telegram Analytics

Subscribe to stay informed about TGStat news.
img
ad

TGStat Bot

Bot to get channel statistics without leaving Telegram
img
ad

TGAlertsBot

Monitoring of keywords in channels and chats
img
ad

BlackBox (Security) Archiv

@BlackBox_Archiv
Channel's geo and language: Germany, Deutsche
Category: not specified

πŸ‘‰πŸΌ Latest viruses and malware threats
πŸ‘‰πŸΌ Latest patches, tips and tricks
πŸ‘‰πŸΌ Threats to security/privacy/democracy on the Internet
πŸ‘‰πŸΌ Find us on Matrix: https://matrix.to/#/!wNywwUkYshTVAFCAzw:matrix.org

Related channels  |  Similar channels
Channel's geo and language
Germany, Deutsche
Category
not specified
Statistics
Is this your channel? Confirm Channel history
Posts filter

BlackBox (Security) Archiv

11 Jul, 19:05

Open in Telegram Share Report
3.1k 0 28 3 7
BlackBox (Security) Archiv

10 Jul, 09:34

Open in Telegram Share Report
Google Chrome gives all *.google.com sites full access to system / tab CPU usage, GPU usage, and memory usage. It also gives access to detailed processor information, and provides a logging backchannel.

This API is not exposed to other sites - only to *.google.com.

https://x.com/lcasdev/status/1810696257137959018

#google #chrome #extension #privacy
πŸ“‘@cRyPtHoN_INFOSEC_IT
πŸ“‘@cRyPtHoN_INFOSEC_FR
πŸ“‘@cRyPtHoN_INFOSEC_EN
πŸ“‘@cRyPtHoN_INFOSEC_DE
πŸ“‘@BlackBox_Archiv
Luca Casonato πŸ³οΈβ€πŸŒˆ (@lcasdev) on X
So, Google Chrome gives all *.google.com sites full access to system / tab CPU usage, GPU usage, and memory usage. It also gives access to detailed processor information, and provides a logging backchannel. This API is not exposed to other sites - only to *.google.com.
16.2k 6 240 5 10
BlackBox (Security) Archiv

21 Jun, 16:14

Open in Telegram Share Report
Mozilla is an advertising company now

Mozilla has acquired Anonym, a [blah blah blah] raise the bar for the advertising industry [blah blah blah] while delivering effective advertising solutions.

Anonym was founded with two core beliefs: [blah blah blah] and second, that digital advertising is critical for the sustainability of free content, services and experiences.

As we integrate Anonym into the Mozilla family, we are excited about the possibilities this partnership brings. While Anonym will continue to serve its customer base, together, we are poised to lead the industry toward a future where privacy and effective advertising go hand in hand, supporting a free and open internet.

Anonym was founded in 2022 by former Facebook executives Brad Smallwood and Graham Mudd. The company was backed by Griffin Gaming Partners, Norwest Venture Partners, Heracles Capital as well as a number of strategic individual investors.

https://www.jwz.org/blog/2024/06/mozilla-is-an-advertising-company-now/

#ff #firefox #mozilla #browser #anonym #advertising
πŸ“‘@cRyPtHoN_INFOSEC_IT
πŸ“‘@cRyPtHoN_INFOSEC_FR
πŸ“‘@cRyPtHoN_INFOSEC_EN
πŸ“‘@cRyPtHoN_INFOSEC_DE
πŸ“‘@BlackBox_Archiv
Mozilla is an advertising company now
This seems completely normal and cool and not troublesome in any way. Mozilla has acquired Anonym, a [blah blah blah] raise the bar for the advertising industry [blah blah blah] while delivering effective advertising solutions. [...] Anonym was founded with two core beliefs: [blah blah blah] and sec...
3.8k 0 31 10 24
BlackBox (Security) Archiv

2 Jun, 07:44

Open in Telegram Share Report
3.6k 0 47 1 10
BlackBox (Security) Archiv

31 May, 19:23

Open in Telegram Share Report
Very big cyber incident playing out at Snowflake, who describe themselves as β€œAI Data Cloud”. They have a free trial where anybody can sign up and upload data… and they have.

Threat actors have been scraping customer data using a tool called rapeflake, for about a month.

@GossiTheDog/112536407633131499' rel='nofollow'>https://cyberplace.social/@GossiTheDog/112536407633131499

#snowflake #cybersecurity #rapeflake #hacked
πŸ“‘@cRyPtHoN_INFOSEC_IT
πŸ“‘@cRyPtHoN_INFOSEC_FR
πŸ“‘@cRyPtHoN_INFOSEC_EN
πŸ“‘@cRyPtHoN_INFOSEC_DE
πŸ“‘@BlackBox_Archiv
Kevin Beaumont (@GossiTheDog@cyberplace.social)
Very big cyber incident playing out at Snowflake, who describe themselves as β€œAI Data Cloud”. They have a free trial where anybody can sign up and upload data… and they have. Threat actors have been scraping customer data using a tool called rapeflake, for about a month.
2.7k 0 10 2
BlackBox (Security) Archiv

24 May, 17:43

Open in Telegram Share Report
no-defender

A slightly more fun way to disable windows defender.

There's a WSC (Windows Security Center) service in Windows which is used by antiviruses to let Windows know that there's some other antivirus in the hood and it should disable Windows Defender.

This WSC API is undocumented and furthermore requires people to sign an NDA with Microsoft to get its documentation, so I decided to take an interesting approach for such a thing and used an already existing antivirus called Avast. This AV engine includes a so-called wsc_proxy.exe service, which essentially sets up the WSC API for Avast.

With a little bit of reverse engineering, I turned this service into a service that could add my own stuff there.

https://github.com/es3n1n/no-defender

#reverseengineering #windows #defender #microsoft
πŸ“‘@cRyPtHoN_INFOSEC_IT
πŸ“‘@cRyPtHoN_INFOSEC_FR
πŸ“‘@cRyPtHoN_INFOSEC_EN
πŸ“‘@cRyPtHoN_INFOSEC_DE
πŸ“‘@BlackBox_Archiv
GitHub - es3n1n/no-defender: A slightly more fun way to disable windows defender. (through the WSC api)
A slightly more fun way to disable windows defender. (through the WSC api) - es3n1n/no-defender
2.8k 0 36 11
BlackBox (Security) Archiv

15 May, 16:10

Open in Telegram Share Report
CensysGPT Beta

CensysGPT beta simplifies building queries and empowers users to conduct efficient and effective reconnaissance operations. The tool enables users to quickly and easily gain insights into hosts on the internet, streamlining the process and allowing for more proactive threat hunting and exposure management.

https://gpt.censys.io/

#cybersecurity #infosec #ai #censys #gpt
πŸ“‘@cRyPtHoN_INFOSEC_IT
πŸ“‘@cRyPtHoN_INFOSEC_FR
πŸ“‘@cRyPtHoN_INFOSEC_EN
πŸ“‘@cRyPtHoN_INFOSEC_DE
πŸ“‘@BlackBox_Archiv
Generate Censys Search Queries
2.4k 0 21 2
BlackBox (Security) Archiv

15 May, 08:13

Open in Telegram Share Report
Foxit PDF β€œFlawed Design” Exploitation

Check Point Research has identified an unusual pattern of behavior involving PDF exploitation, mainly targeting users of Foxit Reader. This exploit triggers security warnings that could deceive unsuspecting users into executing harmful commands. Check Point Research has observed variants of this exploit being actively utilized in the wild. Its low detection rate is attributed to the prevalent use of Adobe Reader in most sandboxes or antivirus solutions, as Adobe Reader is not susceptible to this specific exploit. Additionally, Check Point Research has observed various exploit builders, ranging from those coded in .NET to those written in Python, being used to deploy this exploit.

https://research.checkpoint.com/2024/foxit-pdf-flawed-design-exploitation/

#exploit #foxit #pdf
πŸ“‘@cRyPtHoN_INFOSEC_IT
πŸ“‘@cRyPtHoN_INFOSEC_FR
πŸ“‘@cRyPtHoN_INFOSEC_EN
πŸ“‘@cRyPtHoN_INFOSEC_DE
πŸ“‘@BlackBox_Archiv
Foxit PDF β€œFlawed Design” Exploitation - Check Point Research
Check Point Research has identified an unusual pattern of behavior involving PDF exploitation, mainly targeting users of Foxit Reader. This exploit triggers security warnings that could deceive unsuspecting users into executing harmful commands. Check Point Research has observed variants of this exp...
2.1k 0 7 1
BlackBox (Security) Archiv

15 May, 07:42

Open in Telegram Share Report
Tornado Cash Developer Found Guilty of Laundering $1.2 Billion of Crypto

Alexey Pertsev, cofounder of the crypto-anonymizing tool, has been sentenced to more than five years behind bars.

https://www.wired.com/story/tornado-cash-developer-found-guilty-of-laundering-crypto/

#crypto #tornadocash #pertsev
πŸ“‘@cRyPtHoN_INFOSEC_IT
πŸ“‘@cRyPtHoN_INFOSEC_FR
πŸ“‘@cRyPtHoN_INFOSEC_EN
πŸ“‘@cRyPtHoN_INFOSEC_DE
πŸ“‘@BlackBox_Archiv
Tornado Cash Developer Found Guilty of Laundering $1.2 Billion of Crypto
Alexey Pertsev, cofounder of the crypto-anonymizing tool, has been sentenced to more than five years behind bars.
1.8k 0 5 6
BlackBox (Security) Archiv

14 May, 19:35

Open in Telegram Share Report
1.9k 0 20 2 15
BlackBox (Security) Archiv

14 May, 15:20

Open in Telegram Share Report
A Threat Actor Claims Sale of Outlook RCE Exploit 0-Day for $1,700,000

In a concerning development, a threat actor known as β€œCvsp” has announced the sale of an alleged Outlook Remote Code Execution (RCE) exploit 0-day. This alleged exploit, designed to target various versions of Microsoft Office across both x86 and x64 architectures, poses a significant security threat to users worldwide.

https://dailydarkweb.net/a-threat-actor-claims-sale-of-outlook-rce-exploit-0-day-for-1700000/

#outlook #zeroday #exploit
πŸ“‘@cRyPtHoN_INFOSEC_IT
πŸ“‘@cRyPtHoN_INFOSEC_FR
πŸ“‘@cRyPtHoN_INFOSEC_EN
πŸ“‘@cRyPtHoN_INFOSEC_DE
πŸ“‘@BlackBox_Archiv
A Threat Actor Claims Sale of Outlook RCE Exploit 0-Day for $1,700,000 - Daily Dark Web
A Threat Actor Claims Sale of Outlook RCE Exploit 0-Day for $1,700,000 Discover the latest security threats and database leaks, including unauthorized VPN access and email breaches, in the cyber underground world.Stay informed about emerging cyber threats, such as unauthorized access to databases an...
1.4k 0 13 4
BlackBox (Security) Archiv

13 May, 09:50

Open in Telegram Share Report
ShodanX

ShodanX is a versatile information gathering tool that harnesses the power of Shodan's extensive database. it offers multiple modes and flexible queries to extract valuable insights for security assessments, reconnaissance, and threat intelligence. With colorful output and intuitive commands, ShodanX empowers users to efficiently gather and analyze data from Shodan's facets, enhancing their cybersecurity efforts.

https://github.com/RevoltSecurities/ShodanX/tree/main

#shodan #shodanx #pentesting #cybersecurity #infosec
πŸ“‘@cRyPtHoN_INFOSEC_IT
πŸ“‘@cRyPtHoN_INFOSEC_FR
πŸ“‘@cRyPtHoN_INFOSEC_EN
πŸ“‘@cRyPtHoN_INFOSEC_DE
πŸ“‘@BlackBox_Archiv
GitHub - RevoltSecurities/ShodanX: ShodanX is a tool to gather information of targets using shodan dorks⚑.
ShodanX is a tool to gather information of targets using shodan dorks⚑. - RevoltSecurities/ShodanX
1.5k 0 26 3
BlackBox (Security) Archiv

13 May, 09:46

Open in Telegram Share Report
Telegram has launched a pretty intense campaign to malign Signal as insecure, with assistance from Elon Musk. The goal seems to be to get activists to switch away from encrypted Signal to mostly-unencrypted Telegram. I want to talk about this a bit....

https://twitter.com/matthew_d_green/status/1789687898863792453

#signal #telegram #durov #elonmusk
πŸ“‘@cRyPtHoN_INFOSEC_IT
πŸ“‘@cRyPtHoN_INFOSEC_FR
πŸ“‘@cRyPtHoN_INFOSEC_EN
πŸ“‘@cRyPtHoN_INFOSEC_DE
πŸ“‘@BlackBox_Archiv
Matthew Green (@matthew_d_green) on X
Telegram has launched a pretty intense campaign to malign Signal as insecure, with assistance from Elon Musk. The goal seems to be to get activists to switch away from encrypted Signal to mostly-unencrypted Telegram. I want to talk about this a bit. 1/
1.5k 0 24 13
BlackBox (Security) Archiv

13 May, 09:02

Open in Telegram Share Report
Lethal Injection: How We Hacked Microsoft's Healthcare Chat Bot

We have discovered multiple security vulnerabilities in the Azure Health Bot service, a patient-facing chatbot that handles medical information. The vulnerabilities, if exploited, could allow access to sensitive infrastructure and confidential medical data.

All vulnerabilities have been fixed quickly following our report to Microsoft. Microsoft has not detected any sign of abuse of these vulnerabilities. We want to thank the people from Microsoft for their cooperation in remediating these issues: Dhawal, Kirupa, Gaurav, Madeline, and the engineering team behind the service.

The first vulnerability allowed access to authentication credentials belonging to the customers. With continued research, we’ve found vulnerabilities allowing us to take control of a backend server of the service. That server is shared across multiple customers and has access to several databases that contain information belonging to multiple tenants.

https://www.breachproof.net/blog/lethal-injection-how-we-hacked-microsoft-ai-chat-bot

#microsoft #healthcare #ai #chatbot #hacked
πŸ“‘@cRyPtHoN_INFOSEC_IT
πŸ“‘@cRyPtHoN_INFOSEC_FR
πŸ“‘@cRyPtHoN_INFOSEC_EN
πŸ“‘@cRyPtHoN_INFOSEC_DE
πŸ“‘@BlackBox_Archiv
Lethal Injection: How We Hacked Microsoft's Healthcare Chat Bot
A story of hacking Microsoft's flagship healthcare chatbot using a series of vulnerabilities. The vulnerabilities could allow access to sensitive healthcare data of Microsoft customers, and were fixed promptly by Microsoft.
1.4k 0 8 1
BlackBox (Security) Archiv

10 May, 11:32

Open in Telegram Share Report
Dell admits to data breach: sensitive user data in peril

The American technology giant has notified some of its customers about a data breach that involved sensitive data, including users’ physical addresses.

Dell Technologies says that it’s currently investigating an incident β€œinvolving a Dell portal,” which contains a database with customer information related to purchases.

https://cybernews.com/news/dell-data-breach/

#dell #breach
πŸ“‘@cRyPtHoN_INFOSEC_IT
πŸ“‘@cRyPtHoN_INFOSEC_FR
πŸ“‘@cRyPtHoN_INFOSEC_EN
πŸ“‘@cRyPtHoN_INFOSEC_DE
πŸ“‘@BlackBox_Archiv
Dell admits to data breach: sensitive user data in peril | Cybernews
Dell believes there is not a significant risk to customers given the type of information involved.
2k 0 6 4
BlackBox (Security) Archiv

10 May, 09:30

Open in Telegram Share Report
7 Deadly Sins of Distrohopping

What are you doing wrong with distro-hopping? Can you do it better? Yes, you can. Here, we tell you how.

https://itsfoss.com/distrohopping-issues/

#linux #foss #distrohopping
πŸ“‘@cRyPtHoN_INFOSEC_IT
πŸ“‘@cRyPtHoN_INFOSEC_FR
πŸ“‘@cRyPtHoN_INFOSEC_EN
πŸ“‘@cRyPtHoN_INFOSEC_DE
πŸ“‘@BlackBox_Archiv
7 Deadly Sins of Linux Distrohopping
What are you doing wrong with distro-hopping? Can you do it better? Yes, you can. Here, we tell you how.
1.6k 0 13 2
BlackBox (Security) Archiv

8 May, 11:20

Open in Telegram Share Report
Wireshark RDP resources

Looking for a way to capture and inspect RDP traffic in Wireshark? You've come to the right place!

https://github.com/awakecoding/wireshark-rdp

#wireshark #pentesting
πŸ“‘@cRyPtHoN_INFOSEC_IT
πŸ“‘@cRyPtHoN_INFOSEC_FR
πŸ“‘@cRyPtHoN_INFOSEC_EN
πŸ“‘@cRyPtHoN_INFOSEC_DE
πŸ“‘@BlackBox_Archiv
GitHub - awakecoding/wireshark-rdp: Wireshark RDP resources
Wireshark RDP resources. Contribute to awakecoding/wireshark-rdp development by creating an account on GitHub.
1.7k 0 13 2
BlackBox (Security) Archiv

8 May, 08:54

Open in Telegram Share Report
Proton Mail Discloses User Data Leading to Arrest in Spain

Proton Mail has come under scrutiny for its role in a legal request involving the Spanish authorities and a member of the Catalan independence organization, Democratic Tsunami.

https://restoreprivacy.com/protonmail-discloses-user-data-leading-to-arrest-in-spain/

#protonmail
πŸ“‘@cRyPtHoN_INFOSEC_IT
πŸ“‘@cRyPtHoN_INFOSEC_FR
πŸ“‘@cRyPtHoN_INFOSEC_EN
πŸ“‘@cRyPtHoN_INFOSEC_DE
πŸ“‘@BlackBox_Archiv
Proton Mail Discloses User Data Leading to Arrest in Spain
Proton Mail came under scrutiny for its role in a legal request by the Spanish authorities leading to the identification and arrest of a user.
1.9k 0 29 8
BlackBox (Security) Archiv

7 May, 19:00

Open in Telegram Share Report
Ransomware Diaries Volume 5: Unmasking LockBit

Before you read this volume of the Ransomware Diaries, please understand that LockBitSupp’s identity only became known earlier today. Therefore, please make your own assessment and validate my findings before using this research for real-world actions. I have been chasing LockBit for a long time and when I found out the DoJ planned to release this information, I decided to publish my research quicker than I intended.

https://analyst1.com/ransomware-diaries-volume-5-unmasking-lockbit/

#lockbit
πŸ“‘@cRyPtHoN_INFOSEC_IT
πŸ“‘@cRyPtHoN_INFOSEC_FR
πŸ“‘@cRyPtHoN_INFOSEC_EN
πŸ“‘@cRyPtHoN_INFOSEC_DE
πŸ“‘@BlackBox_Archiv
Ransomware Diaries Volume 4: Ransomed and Exposed - The Story of RansomedVC
Jon DiMaggio will explore how RansomedVC has redefined the boundaries of cybercrime by combining propaganda, influence campaigns, and misinformation.
1.4k 0 11 2
BlackBox (Security) Archiv

25 Apr, 14:32

Open in Telegram Share Report
Docker Security – Step-by-Step Hardening (Docker Hardening)

This article provides practical recommendations for configuring Docker platform aimed at increasing its security. It also suggests tools helpful in automation of some tasks related to securing Docker.

My intention is to guide the reader step by step through the process of preparing a secure configuration. As such, this guide may prove to be more extensive than other similar publications. However, this is a conscious choice. My goal is not merely to present a dry list of parameters and ready-made configuration snippets, but to provide the reader with a fuller context. I want the reader to understand why certain modifications are necessary and what benefits their implementation will bring.

https://reynardsec.com/en/docker-platform-security-step-by-step-hardening/

#docker #hardening #guide
πŸ“‘@cRyPtHoN_INFOSEC_IT
πŸ“‘@cRyPtHoN_INFOSEC_FR
πŸ“‘@cRyPtHoN_INFOSEC_EN
πŸ“‘@cRyPtHoN_INFOSEC_DE
πŸ“‘@BlackBox_Archiv
Home
ReynardSec - Cybersecurity Advisor
2.1k 0 56 4
20 last posts shown.