Security news aggregator

Latest coverage for Proxy

Proxy servers can mask network origins, filter traffic, and create security risks when attackers abuse them for evasion or unauthorized access.

6 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

A proxy is an intermediary that sends requests to a destination and returns responses, so the client and destination do not communicate directly. A forward proxy represents users or systems making outbound connections; a reverse proxy represents an application or service to inbound clients and may route traffic, terminate TLS, or enforce authentication. This tag generally concerns these network components, not browser-based privacy tools alone.

Security depends heavily on configuration and trust boundaries. A forward proxy can enforce egress policy and provide useful logs, but an exposed or misconfigured one may permit unauthorized relaying, while proxy logs can reveal sensitive browsing or business activity. TLS inspection requires controlled certificate deployment and careful handling of decrypted traffic. Reverse proxies reduce direct exposure of back-end services, but access controls must not rely solely on them, and forwarded client-IP headers must be trusted only from known proxies. During investigations, proxy logs help reconstruct connections, but shared addresses and address translation can complicate attribution.

Showing 6 most recent headlines Filtered view
Krebs on Security 2 weeks, 1 day ago

FBI Seizes NetNut Proxy Platform, Popa Botnet

The Federal Bureau of Investigation (FBI) said today it worked with industry partners to seize hundreds of domains associated with NetNut, a sprawling residential proxy service operated by the publicly-traded Israeli company Alarum Technologies [NASDAQ: ALAR]. The action comes roughly two weeks after KrebsOnSecurity published findings from multiple security firms connecting NetNut to the Popa botnet, a collection of at least two million devices that have been compromised by malicious software with little or no consent from victims.