Browsing tag
Security researcher and software engineer Alec Muffett has created a new project called the Enterprise Onion Toolkit (EOTK), which can help website owners add a .onion URL for their site’s domain in a matter of minutes. Under the hood, EOTK works by creating a man-in-the-middle proxy between your visitors and the website. This proxy hosts […]
There are hundreds of VPN services on the market currently. The demand for VPN services has been on the rise in the recent past, thanks to the trend in which governments in various countries around the world are adopting legislation that limits the digital privacy rights of individuals. The problem is that you may find […]
Anonymous hacker breached Freedom Hosting II and taken down 10,613 .onion sites. Hackers focused on the prominent Tor hosting provider since it was giving its services to an expansive number of sites sharing child pornography image. The cyber assault was initially spotted by Sarah Jamie Lewis, a security scientist at mascherari.press, who saw the mass […]
Downloading and trying to open Windows DRM-protected files can deanonymize Tor Browser users and reveal their real IP addresses, security researchers from Hacker House have warned. Attacks using DRM-protected multimedia files in Windows have been known since 2005, but until recently, they’ve only been used to spread malware. Past attacks tried to lure users into […]
The encrypted dark web site aims to help users circumvent government censorship. ProtonMail now has a home on the dark web.The encrypted email provider announced Thursday it will allow its users to access the site through the Tor anonymity service. The aim is to allow its more than 2 million users access the provider by […]
Short Bytes: Privacy journalist and mobile app developer Mike Tigas has decided to make Tor-based Onion Browser for iOS freely available. Citing the recent incidents, he said that it’s more important than ever to support the free flow of information. Interestingly, until now, he was making more than $2,000 per month with the app. To support the project, […]
Ultrasounds emitted by ads or JavaScript code hidden on a page accessed through the Tor Browser can deanonymize Tor users by making nearby phones or computers send identity beacons back to advertisers, data which contains sensitive information that state-sponsored actors can easily obtain via a subpoena. This attack model was brought to light towards the […]
Short Bytes: Tor developers have created their own version of Sandboxed Tor Browser. At the moment, an early Alpha version of Sandboxed Tor Browser 0.0.2 is available for Linux distributions. The developers have taken this approach to minimize the attack surface during some vulnerability exploitation. The FBI is known to exploit Firefox browser vulnerabilities and […]
Developers at the Tor Project have started working on a sandboxed version of the Tor Browser, currently available as an early alpha version for Linux systems. Sandboxing is a security mechanism employed to separate running processes. In computer security, sandboxing an application means separating its process from the OS, so vulnerabilities in that app can’t […]
Short Bytes: The Tor Project has released Tor Phone–a privacy-focused and secure version of Android mobile OS. It’s based on Copperhead OS, a hardened Android distribution. Tor Phone also uses OrWall to force all the connections over Tor network. While Apple keeps capturing record share of smartphone market profit, Android secures its place as the most popular […]
Researcher: FBI was likely enabled to run half of all child porn sites on the servers. As Ars has reported, federal investigators temporarily seized a Tor-hidden site known as Playpen in 2015 and operated it for 13 days before shutting it down. The agency then used a “network investigative technique” (NIT) as a way to ensnare site users. […]
Short Bytes: New Jersey authorities have arrested a wannabe hitman who offered killing services on the dark web in exchange for money and gun. However, as a result of an undercover operation, he was arrested. He remains jailed with his bail set at $1 million. Dark web is a strange place. Often we read about hacktivists, drug […]
Researchers present new DefecTor deanonymization attack. A team of scientists has come up with a new attack method that in the hands of certain adversaries can be used to deanonymize Tor traffic by monitoring the traffic that goes into a Tor relay and the HTTP and DNS traffic that comes out of a Tor exit […]
Firefox is vulnerable to a Malicious Add On Attacks. A critical vulnerability which is in the fully patched version of the Mozilla’s Firefox browser that could allow well resourced attackers to launch man-in-the-middle (MITM) impersonation attacks and also affects the Tor anonymity network. Firefox automatically updates installed add-ons over an HTTPS connection. In order to […]
Short Bytes: The Tor Project has released Tor Browser 6.0.5 for all major platforms. This update of the popular anonymity software comes with an important bug fix in Mozilla Firefox that allowed an attacker to exploit an add-on vulnerability and inject malicious code. Other changes come in the form of updated HTTPS-Everywhere and a new Tor […]
Weakness in certificate pinning protections may open users to MitM attacks. Mozilla officials say they’ll release a Firefox update on Tuesday that fixes the same cross-platform, malicious code-execution vulnerability patched Friday in the Tor browser. The vulnerability allows an attacker who has a man-in-the-middle position and is able to obtain a forged certificate to impersonate Mozilla […]
One of the most active banking Trojans that we have observed recently in email and exploit kits is one often referred to as Ursnif or Gozi ISFB [6]. Thanks to Frank Ruiz from FoxIT InTELL, we know that the actor developing one of its variants since 2014 has named this variant Dreambot. The Dreambot malware […]
Short Bytes: The Tor project and the Debian project have teamed to provide Debian services and repositories over the Tor network. Debian has announced the existence of few such services in a blog post. The Debian Project, which works for the development of the Linux-based Debian OS, has announced that its services and repositories will […]
In April, an independent researcher launched a tool called OnionScan, which probes dark web sites for various vulnerabilities and other issues. Now, another researcher has described how to deploy that tool en masse using Python, in order to more efficiently scan sites. Open source intelligence trainer and author Justin Seitz has published the results of […]
Misbehaving hidden service directories are scattered around the world. The trust of the Tor anonymity network is in many cases only as strong as the individual volunteers whose computers form its building blocks. On Friday, researchers said they found at least 110 such machines actively snooping on Dark Web sites that use Tor to mask their […]
Chap responsible for very early nodes says ‘recent events’ make it impossible to continue. Tor’s annus horribilus continues, with one of its earliest contributors, Lucky Green, quitting and closing down the node and bridge authority he operates. Green’s announcement is here, and in full below. He specifically declines to describe why it is “no longer […]