#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

Proxy server | Breaking Cybersecurity News | The Hacker News

Meta Details WhatsApp and Messenger Interoperability to Comply with EU's DMA Regulations

Meta Details WhatsApp and Messenger Interoperability to Comply with EU's DMA Regulations

Mar 08, 2024 Interoperability / Encryption
Meta has offered details on how it intends to implement interoperability in WhatsApp and Messenger with third-party messaging services as the Digital Markets Act (DMA) went into effect in the European Union. "This allows users of third-party providers who choose to enable interoperability (interop) to send and receive messages with opted-in users of either Messenger or WhatsApp – both designated by the European Commission (EC) as being required to independently provide interoperability to third-party messaging services," Meta's Dick Brouwer  said . DMA, which officially  became enforceable  on March 7, 2024, requires companies in gatekeeper positions – Apple, Alphabet, Meta, Amazon, Microsoft, and ByteDance – to meet certain obligations as part of the European Commission's efforts to clamp down on anti-competitive practices from tech players, level the playing field, as well as compel them to open some of their services to competitors. As part of its efforts to comply with the lan
This Malware Turned Thousands of Hacked Windows and macOS PCs into Proxy Servers

This Malware Turned Thousands of Hacked Windows and macOS PCs into Proxy Servers

Aug 21, 2023 Malware / Privacy
Threat actors are leveraging access to malware-infected Windows and macOS machines to deliver a proxy server application and use them as exit nodes to reroute proxy requests. According to AT&T Alien Labs, the unnamed company that offers the proxy service operates more than 400,000 proxy exit nodes, although it's not immediately clear how many of them were co-opted by malware installed on infected machines without user knowledge and interaction. "Although the proxy website claims that its exit nodes come only from users who have been informed and agreed to the use of their device," the cybersecurity company  said  it found evidence where "malware writers are installing the proxy silently in infected systems." Multiple malware families have been observed delivering the proxy to users searching for cracked software and games. The proxy software, written in the Go programming language, is capable of targeting both Windows and macOS, with the former capable o
How to Find and Fix Risky Sharing in Google Drive

How to Find and Fix Risky Sharing in Google Drive

Mar 06, 2024Data Security / Cloud Security
Every Google Workspace administrator knows how quickly Google Drive becomes a messy sprawl of loosely shared confidential information. This isn't anyone's fault; it's inevitable as your productivity suite is purposefully designed to enable real-time collaboration – both internally and externally.  For Security & Risk Management teams, the untenable risk of any Google Drive footprint lies in the toxic combinations of sensitive data, excessive permissions, and improper sharing. However, it can be challenging to differentiate between typical business practices and potential risks without fully understanding the context and intent.  Material Security, a company renowned for its innovative method of protecting sensitive data within employee mailboxes, has recently launched  Data Protection for Google Drive  to safeguard the sprawl of confidential information scattered throughout Google Drive with a powerful discovery and remediation toolkit. How Material Security helps organ
How to Run Google SERP API Without Constantly Changing Proxy Servers

How to Run Google SERP API Without Constantly Changing Proxy Servers

Oct 29, 2020
You've probably run into a major problem when trying to scrape Google search results. Web scraping tools allow you to extract information from a web page. Companies and coders from across the world use them to download Google's SERP data. And they work well – for a little while. After several scrapes, Google's automated security system kicks in. Then it kicks you out. The standard was to bypass the block is to use a proxy. However, each proxy only allows a limited number of scrapes. That's why Google SERP APIs are the perfect tool to overcome these limitations. This article examines how to overcome Google web scraping issues without changing proxy servers. Read on to learn more about web scraping. Discover the types of data you can extract. And how API web scraping tools can make your life a  lot  easier. What Is Web Scraping? Think of a website that you want to copy information from. How can you extract that data without entering the site on your browser and dow
cyber security

Uncover Critical Gaps in 7 Core Areas of Your Cybersecurity Program

websiteArmor PointCyber Security / Assessment
Turn potential vulnerabilities into strengths. Start evaluating your defenses today. Download the Checklist.
Just An SMS Could Let Remote Attackers Access All Your Emails, Experts Warn

Just An SMS Could Let Remote Attackers Access All Your Emails, Experts Warn

Sep 04, 2019
Beware! Billion of Android users can easily be tricked into changing their devices' critical network settings with just an SMS-based phishing attack. Whenever you insert a new SIM in your phone and connects to your cellular network for the very first time, your carrier service automatically configures or sends you a message containing network-specific settings required to connect to data services. While manually installing it on your device, have you ever noticed what configurations these messages, technically known as OMA CP messages, include? Well, believe me, most users never bother about it if their mobile Internet services work smoothly. But you should worry about these settings, as installing untrusted settings can put your data privacy at risk, allowing remote attackers to spy on your data communications, a team of cybersecurity researchers told The Hacker News. Mobile carriers send OMA CP (Open Mobile Alliance Client Provisioning) messages containing APN settin
New Trojan Turns Thousands Of Linux Devices Into Proxy Servers

New Trojan Turns Thousands Of Linux Devices Into Proxy Servers

Jan 25, 2017
" Linux doesn't get viruses " — It's a Myth. A new Trojan has been discovered in the wild that turns Linux-based devices into proxy servers, which attackers use to protect their identity while launching cyber attacks from the hijacked systems. Dubbed Linux.Proxy.10 , the Trojan was first spotted at the end of last year by the researchers from Russian security firm Doctor Web, who later identified thousand of compromised machines by the end of January this year and the campaign is still ongoing and hunting for more Linux machines. According to researchers, the malware itself doesn't include any exploitation module to hack into Linux machines; instead, the attackers are using other Trojans and techniques to compromise devices at the first place and then create a new backdoor login account using the username as " mother " and password as " fucker ." Once backdoored and the attacker gets the list of all successfully compromised Linux ma
Here's How Riffle Anonymity Network Protects Your Privacy better than Tor

Here's How Riffle Anonymity Network Protects Your Privacy better than Tor

Jul 16, 2016
Online privacy is an Internet buzzword nowadays. If you are also concerned about the privacy of your web surfing, the most efficient way is to use TOR – a free software that lets users communicate anonymously by hiding their actual location from snoopers. Although TOR is a great anonymous network, it has some limitations that could still allow a motivated hacker to compromise the anonymity of legions of users, including dark web criminals as well as privacy-minded innocents. Moreover, TOR (The Onion Network) has likely been targeted by the FBI to arrest criminals , including the alleged Silk Road 2 lieutenant Brian Richard Farrell, who was arrested in January 2014. Even the TOR Project accused the FBI of paying the researchers of Carnegie Mellon University (CMU) at least $1 Million to disclose a technique that could help the agency unmask TOR users and reveal their IP addresses as part of a criminal investigation. So, what's next? Is there an alternative? Well, most p
Astoria — Advanced Tor Client Designed to Avoid NSA Attacks

Astoria — Advanced Tor Client Designed to Avoid NSA Attacks

May 23, 2015
In response to the threat of intelligence agencies like NSA and GCHQ, Security researchers from American and Israeli academics have developed a new advanced Tor client called Astoria specially designed to make eavesdropping harder . Tor (The Onion Router) is the most popular anonymity network that is intended to allow a user to browse the Internet anonymously via a volunteer network of more than 6000 relays/nodes. The encrypted traffic of a user is being routed through multiple relays in the network. The user-relay connection is known as a circuit. Tor does not share your identifying information like your IP address and physical location with websites or service providers on the receiving end because they don't know who is visiting. Timing Attacks yet a major issue: However, Tor isn't as safe from the prying eyes of network level attackers as we once thought. Big spying agencies like the United States intelligence agency NSA and the British Governmen
Why Tor Shuts Down its Anonymous Cloud Service?

Why Tor Shuts Down its Anonymous Cloud Service?

May 11, 2015
Why Tor Cloud Project Shuts Down? Yes, you heard that right. The Tor project has announced that it's closing down its Tor Cloud service that allowed users to donate bandwidth for browsing the web anonymously. The Tor Project is a non-profit organization behind the Tor anonymizing network that allows any online user to browse the Internet without the fear of being tracked. And one of its lesser known projects was the Amazon-powered Tor Cloud service. Tor Cloud Project provided a user-friendly way for users to create a "bridge" node on Amazone's Elastic Compute Cloud (EC2) for the Tor network, essentially donating bandwidth to the Tor network in order to help users access an uncensored Internet faster and securely. Launched back in 2011, Tor Cloud Project was a pretty good idea then… ...Why Tor is closing Tor Cloud Service? What could be the reason for the shutdown of Tor Cloud Project? Tor developers were unable to get enough help to maintain the so
Tor — How to Protect Your Digital Environment?

Tor — How to Protect Your Digital Environment?

Mar 17, 2015
Are you aware of everything that your users are accessing from your environment? While most of the time, non-work-related Internet browsing is harmless (looking at pictures of cats, online shopping, social media, etc.) there are some instances where you could be an unknowing and unwilling participant in criminal activity. That is, when users hide that activity via the Tor network , or the Dark Net . The Onion Router , better known as " Tor ", an open source project, launched in 2002, is designed to allow a user to browse the Internet anonymously via a volunteer network of more than 5000 relays. It doesn't share your identifying information like your IP address and physical location with websites or service providers. A user that navigate Internet using Tor , it's quite difficult to trace its activities ensuring his online privacy. There are arguably legitimate uses for this technology, such as providing Internet access in repressively regulated countri
Tor Network Is Under Attack through Directory Authority Servers Seizures

Tor Network Is Under Attack through Directory Authority Servers Seizures

Dec 23, 2014
Tor has been targeted once again, but this time at a much larger scale. A new attack on Tor network reportedly would either completely shut it down worldwide or turn it into evil network. This time Tor – an internet browser which allows people to maintain their anonymity online by protecting their location – is warning its users of a cyber attack that quietly seized some of its network specialized servers called Directory Authorities (DA) , the servers that help Tor clients to find Tor relays in the anonymous network service. Tor network architecture relies on ten Directory Authorities whose information is hardcoded into Tor clients. These directory authorities are located in the Europe and United States, and maintain the signed list of all the verified exit relays of the Tor network, and according to experts, attack on these backbone servers can "incapacitate" the overall architecture of Tor. " The Tor Project has learned that there may be an attempt to incapacit
Facebook Now Accessible Via Tor Anonymous Network Using .Onion Address

Facebook Now Accessible Via Tor Anonymous Network Using .Onion Address

Nov 01, 2014
If you are fan of the largest social networking site Facebook, but also want to remain anonymous while using your Facebook account, then there is really a Good news for you. Facebook on Friday began offering a way for security and Privacy conscious users to connect to its social networking service using the anonymizing service running on the Tor networ k, by launching a .onion address. This is really a historic move of the social network. Tor Browser is an open source project, launched in 2002, designed to increase the anonymity of your activities on the Internet by not sharing your identifying information such as your IP address and physical location with websites and your service providers. Browsing and data exchange over a network is made through encrypted connections between computers. The social network just created a special URL – https://facebookcorewwwi.onion – that will allow users running Tor-enabled browsers to connect Facebook's Core WWW Infrastructure. Hidden service
Several Tor Exit Nodes Vulnerable To Heartbleed Bug

Several Tor Exit Nodes Vulnerable To Heartbleed Bug

Apr 17, 2014
Half of the Internet fall victim to the biggest threat, Heartbleed bug and even the most popular online anonymity network Tor is also not spared from this bug. Tor is one of the best and freely available privacy software, runs on the network of donated servers that lets people communicate anonymously online through a series of nodes that is designed to provide anonymity for users and bypass Internet censorship. When you use the Tor software, your IP address remains hidden and it appears that your connection is coming from the IP address of a Tor exit relay or nodes, which can be anywhere in the world. An Exit relay is the final relay that Tor encrypted traffic passes through before it reaches its destination. But some of these Tor exit nodes are running on the servers with the affected version of OpenSSL installed which are vulnerable to the critical Heartbleed Flaw. This means an attacker can grab the hidden information from the Tor network which is actually restricte
New Banking malware 'i2Ninja' being sold via underground Russian Cybercrime Market

New Banking malware 'i2Ninja' being sold via underground Russian Cybercrime Market

Nov 21, 2013
Researchers at Trusteer   spotted a new banking malware program on the underground Russian cybercrime market , that communicates with attackers over the I2P anonymity network is for sale on underground Russian cybercrime forums. Dubbed ' i2Ninja ', malware has most of the features found in other financial malware including the ability to perform HTML injections and form grabbing in Internet Explorer, Firefox and Chrome. i2Ninja can also steal FTP and e-mail credentials. It also has a PokerGrabber module feature that targets poker sites. The traffic between the malware and the command server cannot be easily blocked by intrusion prevention systems or firewalls because it's encrypted and transmitting over the Invisible Internet Project (I2P). Everything from delivering configuration updates to receiving stolen data and sending commands is done via the encrypted I2P channels. I2P communication can make it much harder for security researchers to find and take
VPN provider 'Proxy.sh' sniffed the traffic of US based server to Catch Hackers

VPN provider 'Proxy.sh' sniffed the traffic of US based server to Catch Hackers

Sep 30, 2013
The very first question we always try to figure before choosing a trusted VPN service - Can't a VPN provider just look at my traffic all they want and see what I'm doing? Well, a reputated  VPN provider today answers the Question and admitted that they sniffed the traffic on one of its United States-based servers in order to catch an alleged hacker. Proxy.sh , a quality VPN service with no-logging policy, made a surprise announcement : " We are unfortunate to announce that there have been abuses complaints about hacking activities on our U.S. Illinois 1 node. We have been saddened to learn that these actions were harmful to individuals (human beings). As a result, we will open this node again and monitor it with Wireshark for a period of 7 days. Torrentfreak  noticed that there was no mention of any legal process, court order, police action or other similar outside influence compelling Proxy. sh to do so. The monitoring was triggered after Proxy.s
Cybersecurity Resources