I2P | Breaking Cybersecurity News | The Hacker News

Multiple successors of the original Silk Road have come and all have been taken offline in recent years, but aside from selling illegal goods and services, they all have had one thing in common – they've all relied on the Tor network. A new version of the anonymous online black market Silk Road, has re-appeared on the dark web, but this time the website doesn't rely on the now infamous Tor network and neither it deals in only Bitcoins. The new version of the notorious online black market, dubbed " Silk Road Reload​ed ", launched Sunday on the little-known " I2P " anonymous network, dealing with a range of cryptocurrencies including the meme-inspired Dogecoin. In short, apart from the name, there is no connection between the original Silk Road website and the newly launched Silk Road Reloaded . Silk Road Reloaded is only accessible by downloading the special software called I2P (Invisible Internet Project) , or by configuring your systems...

The critical zero-day security flaws, discovered in the privacy and security dedicated Linux-based Tails operating system by the researcher at Exodus Intelligence that could help attackers or law enforcements to de-anonymize anyone's identity, actually lie in the I2P software that's bundled with the Operating System. Exodus Intelligence has released some details and a video evidence that demonstrate an exploit against the found vulnerability unmasking an anonymous user of the Tails operating system. The researchers at Exodus claims they can use the vulnerability to upload malicious code to a system running Tails, execute the payload remotely, and de-anonymize the targeted users' public IP address as well. Tails is a security-focused Debian-based Linux distribution and a suite of applications that can be carried on a USB stick, an SD card or a DVD. It keeps users' communications private by running all connectivity through Tor , the network that routes traffic through ...

In cybersecurity, confidence is a double-edged sword. Organizations often operate under a false sense of security , believing that patched vulnerabilities, up-to-date tools, polished dashboards, and glowing risk scores guarantee safety. The reality is a bit of a different story. In the real world, checking the right boxes doesn't equal being secure. As Sun Tzu warned, "Strategy without tactics is the slowest route to victory. Tactics without strategy is the noise before defeat." Two and a half millennia later, the concept still holds: your organization's cybersecurity defenses must be strategically validated under real-world conditions to ensure your business's very survival. Today, more than ever, you need Adversarial Exposure Validation (AEV) , the essential strategy that's still missing from most security frameworks. The Danger of False Confidence Conventional wisdom suggests that if you've patched known bugs, deployed a stack of well-regarded security tools, and passed the nec...

Researchers at Trusteer   spotted a new banking malware program on the underground Russian cybercrime market , that communicates with attackers over the I2P anonymity network is for sale on underground Russian cybercrime forums. Dubbed ' i2Ninja ', malware has most of the features found in other financial malware including the ability to perform HTML injections and form grabbing in Internet Explorer, Firefox and Chrome. i2Ninja can also steal FTP and e-mail credentials. It also has a PokerGrabber module feature that targets poker sites. The traffic between the malware and the command server cannot be easily blocked by intrusion prevention systems or firewalls because it's encrypted and transmitting over the Invisible Internet Project (I2P). Everything from delivering configuration updates to receiving stolen data and sending commands is done via the encrypted I2P channels. I2P communication can make it much harder for security researchers to fin...