Security News

The Tor Project's main website, torproject.org, is actively blocked by Russia's largest internet service providers, and sources from the country claim that the government is getting ready to conduct an extensive block of the project. Tor is a software project that allows users to automatically encrypt and reroute their web requests through a network of Tor nodes for anonymous browsing.

Grouping these servers under the KAX17 umbrella, Nusenu says this threat actor has constantly added servers with no contact details to the Tor network in industrial quantities, operating servers in the realm of hundreds at any given point. The actor's servers are typically located in data centers spread all over the world and are typically configured as entry and middle points primarily, although KAX17 also operates a small number of exit points.

A new analysis of website fingerprinting attacks aimed at the Tor web browser has revealed that it's possible for an adversary to glean a website frequented by a victim, but only in scenarios where the threat actor is interested in a specific subset of the websites visited by users. Tor browser offers "Unlinkable communication" to its users by routing internet traffic through an overlay network, consisting of more than six thousand relays, with the goal of anonymizing the originating location and usage from third parties conducting network surveillance or traffic analysis.

The Tor Project has released Tor Browser 11.0 with a new user interface design and the removal of support for V2 onion services. You can download the Tor Browser from the Tor Project site, and if you are an existing user, you can upgrade to the latest version by going to the Tor Menu > Help > About Tor Browser.

REvil, the notorious ransomware gang behind a string of cyberattacks in recent years, appears to have gone off the radar once again, a little over a month after the cybercrime group staged a surprise return following a two-month-long hiatus. The development, first spotted by Recorded Future's Dmitry Smilyanets, comes after a member affiliated with the REvil operation posted on the XSS hacking forum that unidentified actors had taken control of the gang's Tor payment portal and data leak website.

The REvil ransomware operation has likely shut down once again after an unknown person hijacked their Tor payment portal and data leak blog. The Tor sites went offline earlier today, with a threat actor affiliated with the REvil operation posting to the XSS hacking forum that someone hijacked the gang's domains.

The Tor Project has brought major censorship circumvention and usability changes to the latest release of Tor Browser. The Tor team is on a mission to make Tor easier to use for everyone through user experience improvements based on research with users who face internet censorship and surveillance.

The Tor Project has released Tor Browser 10.5 with V2 onion URL deprecation warnings, a redesigned Tor connection experience, and an improved anti-censorship feature. Last year, the Tor Project announced that they were deprecating the use of V2 onion URLs in favor of the newer V3 URLs to provide more robust cryptography, longer URLs to prevent brute-forcing of hidden sites, and cleaner code.

Open-source Tor browser has been updated to version 10.0.18 with fixes for multiple issues, including a privacy-defeating bug that could be used to uniquely fingerprint users across different browsers based on the apps installed on a computer. In addition to updating Tor to 0.4.5.9, the browser's Android version has been upgraded to Firefox to version 89.1.1, alongside incorporating patches rolled out by Mozilla for several security vulnerabilities addressed in Firefox 89.

A new version of the open-source Tor Browser was released this week with patches for multiple vulnerabilities, including one that could allow malicious websites to track users across browsers by identifying applications running on their devices. The bug, a protocol flooding attack also referred to as scheme flood, relies on custom protocol handlers for browsers to probe desktop computers for installed applications, profile users, and track them across browsers such as Chrome, Firefox, Safari, and Tor.