tor browser | Breaking Cybersecurity News | The Hacker News

Mozilla has filed a brief with a U.S. District Court asking the FBI to disclose the potential vulnerabilities in its Firefox browser that the agency exploited to unmask TOR users in a criminal investigation. Last year, the FBI used a zero-day flaw to hack TOR browser and de-anonymize users visiting child sex websites. Now, Mozilla is requesting the government to ask the FBI about the details of the hack so that it can ensure the security of its Firefox browser. TOR is an anonymity software that provides a safe haven to human rights activists, government, journalists but also is a place where drugs, child pornography, assassins for hire and other illegal activities has allegedly been traded. TOR Browser Bundle is basically an Internet browser based on Mozilla Firefox configured to protect the user's anonymity via Tor and Vidalia. In 2015, the FBI seized computer servers running the world's largest dark web child pornography site 'Playpen' from a web host in Lenoir, No

Clickjacking Vulnerability in Telegram Web Client The official Telegram web-client that allows its users to access messenger account over desktop's web browser is vulnerable to clickjacking web application vulnerability. Egyptian security researcher Mohamed A. Baset told The Hacker News about a flaw in Telegram that could allow an attacker to change sensitive information of a Telegram user, including password and the recovery e-mail. [ Watch Video Demo ] "Telegram web client is not protecting itself from clickjacking with the typical X-Frame-Options header but uses a JS frame busting technique to prevent the website to be iframed," Mohamed says. However, by exploiting one of HTML5 Features, Mohamed was able to open the Telegram account's settings page with a sandboxed iframe to prevent redirecting to top window, which also allows him to execute cross-site request forgery (csrf) vulnerability on the web-client. " I sent [bug report] it to them [Telegram team]

The introduction of Open AI's ChatGPT was a defining moment for the software industry, touching off a GenAI race with its November 2022 release. SaaS vendors are now rushing to upgrade tools with enhanced productivity capabilities that are driven by generative AI. Among a wide range of uses, GenAI tools make it easier for developers to build software, assist sales teams in mundane email writing, help marketers produce unique content at low cost, and enable teams and creatives to brainstorm new ideas.  Recent significant GenAI product launches include Microsoft 365 Copilot, GitHub Copilot, and Salesforce Einstein GPT. Notably, these GenAI tools from leading SaaS providers are paid enhancements, a clear sign that no SaaS provider will want to miss out on cashing in on the GenAI transformation. Google will soon launch its SGE "Search Generative Experience" platform for premium AI-generated summaries rather than a list of websites.  At this pace, it's just a matter of a short time befo

In Brief Facebook has hit another Milestone: More than 1 MILLION people, or you can say privacy conscious, are accessing Facebook over TOR. Facebook proudly announced today that, this month, for the first time, the people connected to the anonymous version of Facebook that's accessible only through the TOR anonymity network exceeded 1 Million – an increase of almost 100% in the past ten months. Today, when global surveillance system continues to grow, encryption has the power to protect users' security and privacy online. And it is ultimately a good thing that companies like Facebook are competing on users' security. In 2014, Facebook launched a special version of its website that runs only with the help of Tor anonymity software that offers privacy to users. Tor anonymity software or Tor browser secures and encrypts connections to prevent cyber criminals or law enforcement agencies from tracking users' web activity. Tor users can visit Facebook's Tor hidden s

Last month, the Federal Bureau of Investigation (FBI) was ordered to reveal the complete source code for the TOR exploit it used to hack visitors of the world's largest dark web child pornography site, PlayPen. Robert J. Bryan, the federal judge, ordered the FBI to hand over the TOR browser exploit code so that defence could better understand how the agency hacked over 1,000 computers and if the evidence gathered was covered under the scope of the warrant. Now, the FBI is pushing back against the federal judge's order. On Monday, the Department of Justice (DOJ) and the FBI filed a sealed motion asking the judge to reconsider its ruling, saying revealing the exploit used to bypass the Tor Browser protections is not necessary for the defense and other cases. In previous filings, the defence has argued that the offensive operation used in the case was " gross misconduct by government and law enforcement agencies, " and that the Network Investigative Technique (NIT)

Information security and privacy are consistently hot topics after Edward Snowden revelations of NSA's global surveillance that brought the world's attention towards data protection and encryption as never before. Moreover, just days after Windows 10 's successful launch last summer, we saw various default settings in the Microsoft's newest OS that compromise users' privacy , making a large number of geeks, as well as regular users, migrate to Linux. However, the problem is that majority of users are not friendly to the Linux environment. They don't know how to configure their machine with right privacy and security settings, which makes them still open to hacking and surveillance. However, this gaping hole can be filled with a  Debian-based  Security-focused Linux operating system called Subgraph OS: A key solution to your Privacy Fear. Subgraph OS is a feather weighted Linux flavor that aims to combat hacking attacks easier, even on fai

There are several encrypted messaging apps for mobile and desktop platforms that shipped with "The Most Secure" tagline but ends up in de-anonymizing the real identity of its users in some or the other way. In fact, very few encrypted messaging apps available today deal with the core problem of Metadata .  The majority of apps offer end-to-end encryption that kept the content of your messages away from prying eyes, but your metadata will still be accessible to them, which is enough to know who you really are, and who you're talking to. But, one messenger app stands out of the crowd by providing superb anonymity to its users, and it is dubbed as " Ricochet ." Ricochet is a peer-to-peer instant messaging system available for Windows, Mac, and Linux and you can trust it as the app has already cleared its first professional security audit carried out by cyber security company NCC Group . What's so Promising about Ricochet? Unlike

Do you know: There is a vast section of the Internet which is hidden and not accessible through regular search engines and web browsers. This part of the Internet is known as the Deep Web , and it is about 500 times the size of the Web that we know. What is DEEP WEB? Deep Web  is referred to the data which are not indexed by any standard search engine such as Google or Yahoo. The 'Deep Web' refers to all web pages that search engines cannot find, such as user databases, registration-required web forums, webmail pages, and pages behind paywalls. Then, there's the Dark Web or Dark Net – a specific part of that hidden Deep Web. Deep Web and Dark Web are the intriguing topics for the Netizens all around. But when you hear the term 'Deep Web' or 'Dark Web,' you usually categorize them into one. If yes, then you are wrong. What is DARK WEB? Dark Web is where you can operate without been tracked, maintaining total anonymity.

Attention Tor Onion Hosters! A year old loophole in Apache Web Server, uncovered by an unknown Computer Science Student, could potentially unmask the real identity of .onion-domains and servers hidden behind the Tor-network. Although the loophole was reported on Reddit and to the Tor Project months back, it recently came to the limelight soon after a tweet by Alec Muffet , a well-known security enthusiast and current software engineer at Facebook. What is Tor Hidden (.onion) Service? Dark Web websites (generally known as 'onion services') with a special domain name that ends with .onion, are called Tor Hidden Service and reachable only via the Tor network. Tor Hidden Service is a widely popular anonymity network used by Whistleblowers, Underground Markets, Defense Networks and more in order to maintain secrecy over the Internet. An Onion Website can be hosted on the top of any web servers. But, if you are choosing Apache, then you need to rethink.

Rejoice for Privacy Lovers! Facebook today took a surprising move by announcing that it is bringing the free anonymizing software TOR support to its Android app , almost two years after the social network planned to make Facebook available directly over Tor network. Yes. Believe it or not, the Android version of the popular Facebook application now supports the Tor anonymity network. In October 2014, Facebook launched a .onion website on TOR in order to let its users around the world access its service more securely. Access Facebook over TOR via Orbot This latest move to expand that access to the Android app opens up the option to millions more users to maintain their privacy when they visit the world's most popular social network. Facebook says "a sizeable community of people" are already accessing the site over TOR, so the company is bringing this feature to Android via the free Orbot proxy app , which is available on the Google's Play

Now this was to be done, Sooner or Later – The Government. In the wake of the recent deadly Paris terror attacks, the French government is considering new laws that would Ban access to Free Wi-Fi and the Tor anonymity network, according to a recent report by French newspaper Le Monde. The report cites an internal document from the Ministry of Interior by French Department of Civil Liberties and Legal Affairs (DLPAJ) that lists two proposed bills – one around the State of Emergency and the other on combating counter-terrorism. Last month's Paris attacks started blame games, calling Edward Snowden and end-to-end encrypted services responsible for the ISIS-sponsored massacre. Also Read: Anonymous declares War on ISIS: 'We will Hunt you Down!' Now, the government has started renewing their assault on encryption and reviving their efforts to force tech companies to hand over encryption keys, and the document obtained by Le Monde hints the same. Proposed Pieces of Legis

Just day before yesterday, the Tor Project Director Roger Dingledine accused the FBI of paying the Carnegie Mellon University (CMU) at least $1 Million to disclose the technique they had discovered to unmask Tor users and reveal their IP addresses. However, the Federal Bureau of Investigation has denied the claims. In a statement, the FBI spokeswoman said , "The allegation that we paid [CMU] $1 Million to hack into Tor is inaccurate." The Tor Project team discovered more than hundred new Tor relays that modified Tor protocol headers to track online people who were looking for Hidden Services , and the team believes that it belongs to the FBI in order to reveal the identity of Tor-masked IP addresses. One such IP address belongs to Brian Richard Farrell , an alleged Silk Road 2 lieutenant who was arrested in January 2014. The attack on Tor reportedly began in February 2014 and ran until July 2014, when the Tor Project discovered the flaw. Within few

The Tor Project has officially launched the first beta version of Tor Messenger, an open source and Encrypted instant messaging client that works on top of the Tor network. Tor Messenger is designed by keeping both simplicity and privacy in mind. The team claimed that their app encrypts the content of instant messages as well as makes it very difficult for snoopers and eavesdroppers to identify the user sending them. Tor Messenger integrates the " Off-the-Record " (OTR) to encrypt messages and then routes them over Tor network in the same manner as the Tor Browser does for the web. The app is built on Mozilla's instant messaging client Instantbird and works a lot like Adium, another popular instant messaging client. Here's How to Install Tor Messenger in your PC: Tor Messenger can be run on versions of Windows, Mac, or Linux PC. To do so, you simply have to follow these simple steps: Download Tor from here Drag the app to your Application

PRIVACY  – a bit of an Internet buzzword nowadays. Why? Because the business model of the Internet has now become data collection. If you trust Google, Facebook or other Internet giants to be responsible managers of your data, the ongoing Edward Snowden revelations are making it all clear that this type of information can be easily snooped by the intelligence agencies like NSA and GCHQ. In short, the simple truth is that you have no or very little privacy when you are online. So, if you are worried about identity thieves, or your ISP spying on or throttling your traffic, the most efficient way to secure your privacy on the Internet is to use a Virtual Private Network (VPN) service. Though you can take other measures to increase security on your end, like installing a firewall as well as blocking known intrusive IP addresses that might be spying on you — But VPN takes your security to the next level by encrypting all inbound and outbound data. VPN (Virtual Priv

I think you'll agree with me when I say: It's quite hard to maintain anonymity on the Internet using the slow Tor network. Or is it? Well, it turns out, you may soon boost your online anonymity dramatically with the help of a new high-speed anonymity network. A group of six academics have developed a Tor network alternative for users that allows high-speed anonymous web surfing, reinforcing the privacy of Internet users worldwide. The network is dubbed: HORNET: High-speed Onion Routing at the Network Layer Many anonymising networks, including The Onion Router (or TOR) network, are often slow because the data passing through the networks is encrypted a many numbers of times. However, the high-speed onion routing network HORNET is capable of handling anonymous traffic at speeds of more than 93 Gbps  while maintaining privacy. The new anonymous network is built by researcher Chen Chen of Carnegie Mellon University , along with Daniele Enri

The huge cache of internal files recently leaked from the controversial Italian surveillance software company Hacking Team has now revealed that the Federal Bureau of Investigation (FBI) purchased surveillance software from the company. The leaked documents contains more than 1 Million internal emails, including emails from FBI agent who wanted to unmask the identity of a user of Tor , the encrypted anonymizing network widely used by activists to keep their identities safe, but also used to host criminal activities. Unmasking Tor User In September last year, an FBI agent asked Hacking Team if the latest version of its Remote Control System (RCS), also known as Galileo - for which the company is famous for, would be capable to reveal the True IP address of a Tor user. The FBI agent only had the proxy IP address of the target, as according to FBI, the target may be using Tor Browser Bundle (TBB) or some other variant. So, the agent wanted to infect the target