tor | Breaking Cybersecurity News | The Hacker News

If a whistleblower discloses an activity to the public, then there should be a trust-based mechanism that ensure the protection of truth-tellers on an international level by hiding their identities. In an effort to provide this kind of service and security, Security experts grouped together to create a stealthy Internet Messenger (IM) and file transfer client, which is especially designed for whistleblowers. Dubbed as " ‪invisible.im " is an anonymous Instant Messenger (IM) that leaves no trace‬. The team behind the project called itself " The Infosec A-Team " which includes Metasploit Founder HD Moore , noted infosec and opsec experts The Grugq , an Australian security analyst Patrick Gray , and Richo . Invisible.im aims to serve the rigid anonymity needs of whistleblowers. The project website states: invisible.im was established to develop an instant messenger and file transfer tool that leaves virtually no evidence of conversations or transfers having occurred. Th

We all are aware of the National Security Agency's (NSA) mass surveillance program to track non-Americans. Thanks to former NSA contractor Edward Snowden, who provided confidential documents about the widely spread surveillance programs conducted by the government intelligence agency such as NSA and GCHQ. A recent story about NSA surveillance broke when a German public broadcaster ARD published that the Agency is using its surveillance program XKeyScore to target users who use encryption and traffic anonymizing software, including Tor Network for anonymous Web browsing and Linux-based Tails operating system in an effort to keep tracks of people outside the US. XKeyScore is a powerful NSA surveillance program that collects and sorts intercepted data, which came to limelight in documents leaked by former NSA contractor Edward Snowden last summer, but the greater detail in an investigation conducted by American security expert and Tor Project member Jacob Appelbaum , Aaron Gibsom, and

In today's digital world, where connectivity is rules all, endpoints serve as the gateway to a business's digital kingdom. And because of this, endpoints are one of hackers' favorite targets.  According to the IDC,  70% of successful breaches start at the endpoint . Unprotected endpoints provide vulnerable entry points to launch devastating cyberattacks. With IT teams needing to protect more endpoints—and more kinds of endpoints—than ever before, that perimeter has become more challenging to defend. You need to improve your endpoint security, but where do you start? That's where this guide comes in.  We've curated the top 10 must-know endpoint security tips that every IT and security professional should have in their arsenal. From identifying entry points to implementing EDR solutions, we'll dive into the insights you need to defend your endpoints with confidence.  1. Know Thy Endpoints: Identifying and Understanding Your Entry Points Understanding your network's

Just a few hours ago, the Official website of the  Tails Operating System  has been hacked and it appears that a self-proclaimed 17-year old hacker breached and defaced it. Tails is a Linux-based highly secure Operating System, specially designed and optimized to preserve users' anonymity and privacy. Hacker, who named himself " Sum guy ", managed to access the website as administrator and edited the homepage content with the following message: You has been haxoredeszed by sum dumb 17 year old by accident... Sorry about that please forgive me! I accidentally logged myself in as someone important and changed the site, not knowing that what I was changing would save! So sorry about that... I hope you have a backup, Oh and btw I love your OS! Yours sincerely, Sum guy And before I leave, Hi ed... and zoin Defaced Link:  https://tails.boum.org/index.en.html . However, all other pages on the Tails website are working just fine, but at this moment it is not clear

Last October, the ' Silk Road ' story broke when its owner Ross William Ulbricht , a 29-year-old who allegedly created and managed the Silk Road underground website, was arrested by the Federal Bureau of Investigation (FBI). The police seized the website that was considered one of the most popular Underground places on the Internet for buying drugs and other illicit goods and services. Just some days after the Shutdown of Silk Road , Authorities in Britain, Sweden, and the United States arrested eight more vendors who dedicatedly used to sell illegal drugs on Silk Road. Yesterday, Cornelis Jan Slomp , a 22-year old Dutch man who allegedly used the Silk Road underground black market website to sell illegal drugs for bitcoins worth millions of dollars has agreed to plead guilty in Chicago federal court to federal drug conspiracy charge filed against him, according to a statement issued by U.S. Attorney Zachary T. Fardon in Chicago and Slomp's lawyer. FBI CASHING OUT  SEI

We often talk about Underground communities, illegal websites or black markets, but as they are 'Underground' in nature i.e. Hidden websites running under Onion Network, many of us don't know how to reach the one we are searching for and if hopefully found, then its difficult to figure out a trustworthy vendor. Underground websites offer illegal high quality drugs or rifles, hacking tools, or any illegal services, until now you needed to type long, complex and specific Tor browser URLs directly into the browser which is quite difficult and sometimes the sites change their addresses which makes more difficult to navigate. Not any More! As the first search engine, ' Grams ' ( https://grams7enufi7jmdl.onion ) for online underground Black Markets has been launched in Beta last week, that lets anyone to easily find illegal drugs and other contraband online in an easier way ever and it's pretty fast like Google Search Engine. You don't need to do anything, just li

Half of the Internet fall victim to the biggest threat, Heartbleed bug and even the most popular online anonymity network Tor is also not spared from this bug. Tor is one of the best and freely available privacy software, runs on the network of donated servers that lets people communicate anonymously online through a series of nodes that is designed to provide anonymity for users and bypass Internet censorship. When you use the Tor software, your IP address remains hidden and it appears that your connection is coming from the IP address of a Tor exit relay or nodes, which can be anywhere in the world. An Exit relay is the final relay that Tor encrypted traffic passes through before it reaches its destination. But some of these Tor exit nodes are running on the servers with the affected version of OpenSSL installed which are vulnerable to the critical Heartbleed Flaw. This means an attacker can grab the hidden information from the Tor network which is actually restricte

Twitter , the biggest Social Media platform used for vital communication is now banned in Turkey from the last few days, after Prime Minister Recep Tayyip Erdoğan promised to root out the social media service during an election rally this week with the help of a court order. " Twitter and so on, we will root them out. The international community can say this or that – I don't care. They will see the power of the Turkish Republic ." After the ban imposed on Twitter late on Thursday, millions of Turkey users began using Google's DNS service to bypassing censorship, that briefly helped Turks stay connected to Twitter. Turkey Government is trying to close all the possible loopholes that had allowed users to circumvent the ban and finally today the authorities have also blocked the Google DNS service (8.8.8.8 and 8.8.4.4), However the number of tweets jumped 138% in the last 24 Hours and almost 2.5 million tweets have been posted from the country after the ban imposed. Why

Tor network offers users browse the Internet anonymously and is mostly used by activists, journalists to conceal their online activities from prying eyes. But it also has the Dark side, as Tor is also a Deep Web friendly tool that allows hackers and cyber criminals to carry out illicit activities by making themselves anonymous. Kaspersky security researcher reported that Tor network is currently being used to hide 900 botnet and other illegal hidden services, through its 5,500 plus nodes i.e. Server relays and 1,000 exit nodes i.e. Servers from which traffic emerges. These days, Cyber criminals are hosting malware's Command-and-control server on an anonymous Tor network to evade detection i.e., difficult to identify or eliminate. Illegal use of the Tor network boosted up after the launch of the most popular underground Drug Market - Silk road  that also offered arms and malware to their users against Bitcoin , one of the popular crypto currency . ChewBacca , a point-

We are living in an era of Mass Surveillance,  conducted by the Government Agencies like the NSA and GCHQ, and we ourselves gave them an open invitation as we all have sensors in our pockets that track us everywhere we go i.e. Smartphone. Encryption and security are more important today than any other time in our history. So, the best proactive way to keep your tracks clear is - Always use only trusted privacy tools and services . The same folks behind the Anonymity Tool, Tor Browser Bundle is currently working on a new Privacy tool called ' Tor Instant Messaging Bundle ' (TIMB), that will help you with encrypted communication to keep your online conversations private. The Tor is the free software that lets users browse the Internet anonymously and mostly used by activists, journalists and to conceal their online activities from prying eyes. Tor Instant Messaging Bundle, or TIMB is a real time anonymous chat system, that will simply route all of your chat dat

We use our Smartphone devices to do almost everything, from Internet Banking to Sharing private files and at the same pace, the mobile malware sector is also growing. The number of variants of malicious software aimed at mobile devices has reportedly risen about 185% in less than a year.  Security researchers have observed a growth in the numbers of computer malware families starting to use TOR-based communications, but recently the Security Researchers at anti-virus firm Kaspersky Lab have spotted  the world's first Tor-Based Malware for Android Operating system. The Android Malware dubbed as ' Backdoor. AndroidOS .Torec.a ', using Tor hidden service protocol for stealth communication with Command-and-Control servers. Researchers detected that the Trojan is running from .Onion Tor domain and working on the functionality of an open source Tor client for Android mobile devices, called ' Orbot ', thus eliminating the threat of the botnet being de

After Silk Road , another underground online marketplace ' Utopia ' has been seized by Dutch National Police ,  where users could buy illegal drugs and guns for home delivery. The police started their investigation under Codename ' Operation Commodore ' in 2013,   and finally  seized Utopia's Germany-based servers and arrested total 5 suspects for running this marketplace. One arrested in  Germany and  other four suspects, aged 29 to 46, were detained in The Netherlands.  Two of them had also been involved in another similar underground website ' Black Market Reloaded ', which was closed in December 2013. Utopia  reportedly launched only last week ( https://ggvow6fj3sehlm45.onion/ ),  intended to become a direct competitor of the Silk Road, was  a ' d ark web ' website, which is accessible only by using Tor anonymity software. The website is now displaying a message:  " This hidden service has been seized by the Dutch N

After the massive data breaches at U.S retailers Target and Neiman Marcus in which financial credentials of more than 110 million and 1.1 million customers were compromised respectively, shows that the Point of Sale (POS) system has become a new target for the cyber criminals. Despite the BlackPOS malware of Point of Sale (POS) system that comes out as the major cause of these data breaches, malware writers are upgrading and developing more Trojans to target POS system. In December, the security researchers at anti-virus firm Kaspersky Lab discovered a Tor-based banking trojan , dubbed " ChewBacca ", that was initially categorized as a Financial trojan, but recently security researchers at RSA have uncovered that 'ChewBacca' is also capable of stealing credit card details from point of sale systems. ' ChewBacca ', a relatively new and private Trojan, used in the 11 countries as a POS malware is behind the electronic theft. ChewBacca communicat

Over the past several months, it has become clear that the Internet and our Privacy have been fundamentally compromised. A Private search engine DuckDuckGo claims that when you click on one of their search results, they do not send personally identifiable information along with your request to the third party. Like Google dorks (advance search patterns), there are thousands of similar, but technically more useful search hacks are also available in DuckDuckGo called DuckDuckGoodies . Today I am going to share about Handy " Cryptography " using DuckDuckGo search engine . Whether you are a Hacker, Cracker or a Researcher, you need to face a number of hash strings in your day to day life. Hashing is a one way encryption of a plain text or a file, generally used to secure passwords or to check the integrity of the file. There is a certain set of hashing algorithms, e.g.md5, sha1, sha-512 etc. A hash function generates the exact output if executed n numbe

We are continuously keeping our eye on new variants of the widely spread Ransomware family like Cryptolocker , Prison Locker, Copycat and Locker which encrypts your files and ask for a random amount to decrypt it.  If infected by such malware, to be very honest, there is no hope for recovering your documents without paying a ransom amount to the cyber criminals. Online users are now facing another similar ransomware called ' CryptorBit ', ( Virustotal report ) first spotted on September 2013. It is not a variant of Cryptolocker but it does exactly the same thing i.e. Encrypt all the files on the Hard Disk. CryptorBit is an infection that activates by clicking links in a spam message or malicious email, or websites while browsing the web, or by opening an attachment in an email from a malicious source. Once your system gets infected by the CryptorBit, it will encrypt your files and hold them until a ransom of $50 - $500 or more is not paid. It will display

Using Tormail Email service for being Anonymous online while conversations and mail exchange?? There is a very disappointing news for all   current and past users, US Federal Bureau of Investigation (FBI) has a complete copy of Tormail server and they are using it to catch the Criminals & Hackers. According to court documents that recently surfaced, the FBI  have cloned the entire email database while investigating Freedom Hosting. In August 2013, when the FBI seized the Tor network's top web host, Freedom Hosting , that gave the feds access to every record of every anonymous site hosted by Freedom Hosting , including TorMail , a service that allowed to send and receive email anonymously . New evidence uncovered by Wired suggests those archives are now being used in completely unrelated investigations, but possibly now the FBI is mining the information from that database to track cyber criminals. Remember the shutdown of the Silk Road black market?? A

Tor is one of the best and freely available privacy software that lets people communicate anonymously online through a series of nodes that is designed to provide anonymity for users and bypass Internet censorship. When you use the Tor software, your IP address remains hidden and it appears that your connection is coming from the IP address of a Tor exit relay or nodes , which can be anywhere in the world. An exit relay is the final relay that Tor traffic passes through before it reaches its destination. According to a recent report ' Spoiled Onions: Exposing Malicious Tor Exit Relays ', published by security researchers Phillip Winter and Stefan Lindskog revealed that almost 20 exit relays in the Tor anonymity network that attempted to spy on users' encrypted traffic using man-in-the-middle techniques. Both Researchers spent more than four months studying on the Tor exit nodes using their own scanning software called " exitmap " and detected su