Security News

WhatsApp adds proxy support to help bypass Internet blocks
2023-01-05 17:19

Starting today, WhatsApp allows users to connect via proxy servers due to Internet shutdowns or if their governments block the service in their country. The new proxy support option is available to all users running the latest WhatsApp iOS and Android applications.

BlackProxies proxy service increasingly popular among hackers
2022-12-02 18:56

A new residential proxy market is becoming popular among hackers, cybercriminals, phishers, scalpers, and scammers, selling access to a million claimed proxy IP addresses worldwide. The BlackProxies service claims to have access to a pool of 1,000,000 IP addresses from around the world, all coming from real residential users, ensuring unblocked status, low detection rates, and good speeds.

ProxyNotShell – the New Proxy Hell?
2022-10-04 08:05

Nicknamed ProxyNotShell, a new exploit used in the wild takes advantage of the recently published Microsoft Server-Side Request Forgery vulnerability CVE-2022-41040 and a second vulnerability, CVE-2022-41082 that allows Remote Code Execution when PowerShell is available to unidentified attackers. Based on ProxyShell, this new zero-day abuse risk leverage a chained attack similar to the one used in the 2021 ProxyShell attack that exploited the combination of multiple vulnerabilities - CVE-2021-34523, CVE-2021-34473, and CVE-2021-31207 - to permit a remote actor to execute arbitrary code.

Microsoft SQL servers hacked to steal bandwidth for proxy services
2022-07-28 17:26

Threat actors are generating revenue by using adware bundles, malware, or even hacking into Microsoft SQL servers, to convert devices into proxies rented through online proxy services. To steal a device's bandwidth, the threat actors install software called 'proxyware' that allocates a device's available internet bandwidth as a proxy server that remote users can use for various tasks, like testing, intelligence collection, content distribution, or market research.

MFA adoption pushes phishing actors to reverse-proxy solutions
2022-02-03 14:42

The rising adoption of multi-factor authentication for online accounts pushes phishing actors to use more sophisticated solutions to continue their malicious operations, most notably reverse-proxy tools. The increasing use of MFA has pushed phishing actors to use transparent reverse proxy solutions, and to cover this rising demand, reverse proxy phish kits are being made available.

Innovative Proxy Phantom ATO Fraud Ring Haunts eCommerce Accounts
2021-09-30 17:05

A sophisticated fraud ring, dubbed Proxy Phantom, has pushed the boundaries of credential-stuffing attacks with a dynamic account takeover technique that was flooding eCommerce merchants in the third quarter. What really set the Proxy Phantom attacks apart was the use of dynamically generated IP addresses from which it launched the campaigns.

Poisoned proxy PACs! The NPM package with a network-wide security hole…
2021-09-06 18:28

Perry rediscovered this risk recently, when he decided to use a popular NPM package called Proxy-Agent to provide the proxy support he wanted in his HTTP Toolkit product. Numerous corporate-style tools exist to help computers on a network locate their official internal proxies automatically, including PAC, short for proxy auto-configuration, and WPAD, short for web proxy auto-discovery.

You can use wget behind a proxy: Here's how
2021-08-10 12:00

Jack Wallen has the solution to get this setup working properly. If wget is your go-to download command on your Linux servers, and your machines are behind a proxy, learn this trick.

How to use wget behind a proxy
2021-06-03 15:57

If wget is your go-to download command on your Linux servers, and your machines are behind a proxy, Jack Wallen has the solution to get this setup working properly. The developers of wget considered this and built in the necessary options for using the tool when behind a proxy.

Apple will proxy Safe Browsing requests to hide iOS users' IP from Google
2021-02-15 19:55

Apple's upcoming iOS 14.5 update will come with a new feature that will redirect all fraudulent website checks through its own proxy servers as a workaround to preserve user privacy and prevent leaking IP addresses to Google. To achieve this, Apple relies on Google Safe Browsing - or Tencent Safe Browsing for users in Mainland China - a blocklist service that provides a list of URLs for web resources that contain malware or phishing content, to compare a hash prefix calculated from the website address and check if the website is fraudulent.