90 matches found
Firefox 67.0.4 Released — Mozilla Patches Second 0-Day Flaw This Week
Okay, folks, it's time to update your Firefox web browser once again—yes, for the second time this week. After patching a critical actively-exploited vulnerability in Firefox 67.0.3 earlier this week, Mozilla is now warning millions of its users about a second zero-day vulnerability that attacker...
Official mobile version of Tor Browser released for Android – Download now
By Waqas There is good news for pro-anonymity web users who rely upon the Tor browser for using the internet. The first ever mobile browser app for the Tor browser has been released by the Tor Project, the organization behind the Tor network. The mobile version of the Tor browser is available for...
Tor Browser 7.0.8 Information Disclosure
Hi, there is the details for CVE-2017-16541 Tor Browser information disclosure, More infos at: https://www.wearesegment.com/research/tormoil-deanonymize-tor-browser-users-with-automount/ Tor Browser version 7.0.8, and probably prior, for Mac OS X and Linux, is affected by an information disclosur...
Tor Browser < 0.3.2.10 - Use After Free (PoC)
Exploit Title: Tor Browser - Use After Free PoC Date: 09.07.2018 Exploit Author: t4rkd3vilz Vendor Homepage: https://www.torproject.org/ Software Link: https://www.torproject.org/download/download-easy.html.en Version: Tor 0.3.2.x before 0.3.2.10 Tested on: Kali Linux CVE : CVE-2018-0491 Run...
Create Multiple TOR Instances With Load Balancing: Multitor
A tool that lets you create multiple TOR instances with a load-balancing traffic between them by HAProxy . It’s provides one single endpoint for clients. In addition, you can view previously running TOR processes and create a new identity for all or selected processes. The multitor has been...
tor/oss-fuzz-consensus: Heap-buffer-overflow in mock_crypto_pk_public_checksig__nocheck
Project: https://git.torproject.org/tor.git Detailed report: https://oss-fuzz.com/testcase?key=5170904637112320 Project: tor Fuzzer: libFuzzertoross-fuzz-consensus Fuzz target binary: oss-fuzz-consensus Job Type: libfuzzerasantor Platform Id: linux Crash Type: Heap-buffer-overflow WRITE Crash...
Tor Browser Users Urged to Patch Critical ‘TorMoil’ Vulnerability
The Tor Project released a patch for a vulnerability that leaks the real IP addresses of macOS and Linux users of its Tor Browser. The patch was issued late Friday and fixes a vulnerability found in Tor Browser version 7.0.8. The patch is in an upgrade to Tor Browser 7.0.9. Windows users running...
The Tor Project to Beef Up Privacy with Next-Generation of Onion Services
The Tor Project has made some significant changes to its infrastructure by improving the way the 'onion' network protects its users' privacy and security. Since the beginning, the largest free online anonymity network has been helping users browse the web anonymously, and its onion service provid...
Tor: Content spoofing on
Vulnerability description not provided...
Tor: Tor Project - Full Path Disclosure
Vulnerability description not provided...
Tor: Sql query disclosure,
Hi, path:- https://trac.torproject.org/projects/tor/query?status=accepted&status=assigned&status=mergeready&status=needsinformation&status=needsreview&status=needsrevision&status=new&status=reopened&component=- Select a...
Samsung Launches Bug Bounty Program — Offering up to $200,000 in Rewards
With the growing number of cyber attacks and data breaches, a number of tech companies and organisations have started Bug Bounty programs for encouraging hackers, bug hunters and researchers to find and responsibly report bugs in their services and get rewarded. Samsung is the latest in the list ...
Tor Project Brings Security Slider Feature to Android App Orfox
Tor Project developers recently bolstered Orfox, a Tor Browser for Android devices, to help privacy-conscious mobile browsers better customize their security. Tor Project developers partnered with the Guardian Project to release the first iteration of the app last December. It’s essentially an...
Tor: Scrollbar Width permits detecting browser platform
In April 2017 shortly before this bug bounty program went live, I repeatedly attempted to report this information disclosure vulnerability. However, my emails to the Tor Project's official vulnerability disclosure address went unanswered. It was not until I posted a public blog entry -- with a...
Tor Project Opens Bounty Program To All Researchers
The Tor Project announced today the launch of a public bug bounty program to encourage security researchers to privately report issues they find in the group’s software. Unlike its previous invite-only bounty program launched last year, this bounty program will be open to all bounty hunters throu...
Tor Launches Bug Bounty Program — Get Paid for Hacking!
With the growing number of cyber attacks and breaches, a significant number of companies and organisations have started Bug Bounty programs for encouraging hackers, bug hunters and researchers to find and responsibly report bugs in their services and get rewarded. Following major companies and...
Mozilla Firefox v52.02 - (Stack Overflow) DoS Vulnerability
Document Title: =============== Mozilla Firefox v52.02 - Stack Overflow DoS Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2050 Release Date: ============= 2017-05-03 Vulnerability Laboratory ID VL-ID: ====================================...
Tor Project Releases Sandboxed Tor Browser 0.0.2
The non-profit organization behind TOR – the largest online anonymity network that allows people to hide their real identity online – has launched an early alpha version of Sandboxed Tor Browser 0.0.2. Yes, the Tor Project is working on a sandboxed version of the Tor Browser that would isolate th...
Mozilla Patches Firefox Zero Day Used to Unmask Tor Browser Users
As expected, Mozilla released a new version of Firefox on Wednesday to address a zero-day vulnerability that was actively being exploited to de-anonymize Tor Browser users. The vulnerability, disclosed on a public Tor Project mailing list late Tuesday night, forced the Tor Project to also issue a...
Tor Patched Against Zero Day Under Attack
Update The Tor Project has provided a browser update that patches a zero-day vulnerability being exploited in the wild to de-anonymize Tor users. “The security flaw responsible for this urgent release is already actively exploited on Windows systems. Even though there is currently, to the best of...