Security News

The Tor Project has confirmed someone, or some group, is in control of a large number of Bitcoin-snaffling exit nodes in its anonymizing network, and it's battling to boot them off. One observer reckons more than 23 per cent of the entire Tor network's exit capacity was under the command of one miscreant, or one group of miscreants, at one point in May, with the end goal being the theft of people's cryptocurrency.

A malicious actor was at one point in control of roughly 23% of the entire Tor network's exit capacity, a security researcher has discovered. While malicious relays on the Tor network are not something new, this was the first time that a single actor managed to control such a large number of Tor exit nodes, a Tor server operator going by the name of Nusenu reveals.

Neal Krawetz, a computer forensics expert, has published details on how to detect Tor bridge network traffic that he characterizes as "Zero-day exploits"... which the Tor Project insists are nothing of the sort. Typically, users slide into the Tor network through a publicly listed entry relay, though they may choose to join via a bridge relay, or bridge for short, to avoid IP-based detection and censorship.

Looking for a way to gain a bit more security and privacy for your SSH connections? Jack Wallen shows you how with the help of Tor.

In an alert this week, the Cybersecurity and Infrastructure Security Agency and the Federal Bureau of Investigation warned enterprises about the use of Tor in cyberattacks. Maintained by non-profit organization Tor Project, the Tor software and the underlying infrastructure are meant to provide users with anonymity and the means to bypass censorship by encrypting requests and routing them via multiple nodes.

Firefox 77 and Tor Browser 9.5 were released this week with patches for a variety of vulnerabilities, including several rated high severity. Mozilla's browser arrived with a total of 8 security fixes, including 5 that address high severity issues.

The Tor Project this week rolled out an update to its browser that attempts to make the anonymity-protecting onion routing scheme more approachable. The Tor Project itself emerged from federally funded research led by the US Office of Naval Research and DARPA. Tor is an acronym for the original name of the project, The Onion Router, an encrypted networking protocol designed to support anonymous communication - although paradoxically a popular website for Tor users is Facebook.

Looking for a way to gain a bit more security and privacy for your SSH connections? Jack Wallen shows you how with the help of Tor. I'm going to walk you through the process of making SSH connections over Tor.

The Tor Project is laying off a third of its staff due to the current COVID-19 outbreak, the non-profit organization has announced. The developer of the popular privacy-focused Tor Browser said the crisis hit it hard, forcing it to make some difficult decisions.

This week in The Reg's security roundup of the notable bits beyond what we've already covered, the Tor Project has cut back to its core team, Zoom has called in the big security guns, US tech firms are taking on its Congress - and more. First off, it has been a bad weekend for 13 staffers at the nonprofit Tor Project after they were let go as the team was reduced to core operations only.