Lucene search
K

134 matches found

The Hacker News
The Hacker News
added 2018/06/09 6:41 p.m.226 views

Russia to Fine Search Engines for Linking to Banned VPN services

In its years-long efforts to censor the Internet by blocking access to a large number of websites in the country, Russia has now approved a new bill introducing fines for search engines that provide links to banned sites, VPN services, and anonymization tools. VPNs, or Virtual Private Networks, a...

1.2AI score
Exploits0
ThreatPost
ThreatPost
added 2018/06/01 8:47 p.m.46 views

Browser Side-Channel Flaw De-Anonymizes Facebook Data

A side-channel vulnerability in Google Chrome and Mozilla Firefox allows drive-by de-anonymization of Facebook users. An exploit would allow an attacker to pick up the profile picture, username and the “likes” of unsuspecting visitors who find themselves landing on a malicious website – with no...

7.2CVSS0.4AI score0.414EPSS
Exploits19References8
Hacker One
Hacker One
added 2017/12/02 12:41 a.m.16 views

Tor: De-anonymization by visiting specially crafted bookmark.

There is a way to import logs in 'about:memory' from local disk, however, tested on windows you can pass a network url that may point to attack controlled server which logs IP's. This connection is done by windows presumably and so doesn't hide real IP of Tor user. 1. Have victim drag and drop an...

2AI score
Exploits0
Securelist
Securelist
added 2017/10/24 9:0 a.m.129 views

Dangerous liaisons

It seems just about everyone has written about the dangers of online dating, from psychology magazines to crime chronicles. But there is one less obvious threat not related to hooking up with strangers – and that is the mobile apps used to facilitate the process. We're talking here about...

7AI score
Exploits0
CNVD
CNVD
added 2017/07/05 12:0 a.m.43 views

Database Anonymization Arbitrary Code Execution Vulnerability in Multiple Odoo Products

Odoo formerly OpenERP and others are products of the Belgian company Odoo, an Enterprise Resource Planning ERP and Customer Relationship Management CRM system; Odoo Community Edition is its Community Edition; Odoo Enterprise Edition is its Enterprise Edition.Database Database Anonymization module...

8.5CVSS7.4AI score0.0359EPSS
Exploits2References1
OSV
OSV
added 2017/07/04 6:29 p.m.5 views

CVE-2017-10803

In Odoo 8.0, Odoo Community Edition 9.0 and 10.0, and Odoo Enterprise Edition 9.0 and 10.0, insecure handling of anonymization data in the Database Anonymization module allows remote authenticated privileged users to execute arbitrary Python code, because unpickle is used...

6.5CVSS6AI score0.0359EPSS
Exploits2References1
NVD
NVD
added 2017/07/04 6:29 p.m.34 views

CVE-2017-10803

In Odoo 8.0, Odoo Community Edition 9.0 and 10.0, and Odoo Enterprise Edition 9.0 and 10.0, insecure handling of anonymization data in the Database Anonymization module allows remote authenticated privileged users to execute arbitrary Python code, because unpickle is used...

8.5CVSS6.6AI score0.0359EPSS
Exploits2References1
Cvelist
Cvelist
added 2017/07/04 6:0 p.m.36 views

CVE-2017-10803

In Odoo 8.0, Odoo Community Edition 9.0 and 10.0, and Odoo Enterprise Edition 9.0 and 10.0, insecure handling of anonymization data in the Database Anonymization module allows remote authenticated privileged users to execute arbitrary Python code, because unpickle is used...

6.6AI score0.0359EPSS
Exploits2References1
Exploit DB
Exploit DB
added 2017/06/30 12:0 a.m.426 views

Odoo CRM 10.0 - Code Execution

Vulnerability Summary The following advisory describe arbitrary Python code execution found in Odoo CRM version 10.0 Odoo is a suite of open source business apps that cover all your company needs: CRM, eCommerce, accounting, inventory, point of sale, project management, etc. Odoo’s unique value...

8.5CVSS6.7AI score0.0359EPSS
Exploits2
Imperva Blog
Imperva Blog
added 2017/06/08 3:30 p.m.24 views

Data Anonymization: Motivation and Mechanics

Data is one of the most valuable assets a company has in its possession. And while it may not be listed as a line item on the balance sheet, when a company’s data is breached it can have a very negative impact on the bottom line—in a company’s stock price, reputation and brand. One approach to...

6.8AI score
Exploits0
rdot
rdot
added 2017/01/24 12:0 a.m.523 views

Деанонимизация пользователей Darknet(TOR, i2p(d), etc) & SOX &VPN аудиозакладками

Вообщем то ссылка на 33с3 уже была запощена в основном топике, но я хотел бы акцентировать общее внимание на презентацию Talking Behind Your Back On the Privacy & Security of the Ultrasound Tracking Ecosystem от Vasilios Mavroudis и Federico Maggi. Вкратце, суть такова: В 2012 году была основана...

0.3AI score
Exploits0
ThreatPost
ThreatPost
added 2016/12/12 1:47 p.m.24 views

Alpha Version of Sandboxed Tor Browser Released

A sandboxed version of the Tor Browser was released over the weekend, and while there are still some rough edges and bugs – potentially major, according to the developer– it could be the first step toward protecting Tor users from recent de-anonymization exploits. Yawning Angel, a longtime Tor...

7AI score
Exploits0References11
FireEye
FireEye
added 2016/10/13 12:0 p.m.18 views

Operations of a Brazilian Payment Card Fraud Group

Introduction Brazil has been designated a major hub for financially motivated eCrime threat activity. Brazilian threat actors are targeting domestic and foreign entities and individuals, with frequent targeting of U.S. assets. The country routinely places in "Top Five" lists of various global cyb...

8.5AI score
Exploits0References1
Debian
Debian
added 2016/10/09 5:15 p.m.11 views

[SECURITY] [DLA 650-1] mat security update

Package : mat Version : 0.3.2-1+deb7u1 Debian Bug : 826101 An implementation flaw was discovered in mat, the metadata anonymisation toolkit. The implementation of PDF support lacks support to anonymize the metadata in embedded images. As there is no easy fix for this flaw, it was decided that PDF...

7AI score
Exploits0
ThreatPost
ThreatPost
added 2016/06/24 12:0 p.m.12 views

Selfrando Technique Mitigates Attacks Unmasking Tor Users

The FBI’s apparent capability to unmask users of the Tor Network has caused hand-wringing among those concerned with privacy and civil liberties, many of whom are busy trying to win legal battles to get law enforcement to confess as to how they’re doing it. A team of academics and researchers,...

0.8AI score
Exploits0References3
n0where
n0where
added 2016/03/17 12:19 a.m.22 views

Adversary Resistant Computing Platform: SubgraphOS

Subgraph OS is an adversary resistant computing platform. The main purpose of Subgraph OS is to empower people to communicate, share, and collaborate without fear of surveillance and interference. What this means in practical terms is that users of Subgraph OS can safely perform their day-to-day...

7.3AI score
Exploits0References2
Kitploit
Kitploit
added 2016/03/14 10:0 p.m.21 views

OnionCat - An Anonymous VPN-Adapter (P2P layer 3 VPN based on Tor or I2P)

OnionCat is a VPN-adapter which allows to connect two or more computers or networks through VPN-tunnels. It is designed to use the anonymization networks Tor or I2P as its transport, hence, it provides location-based anonymity while still creating tunnel end points with private unique IP addresse...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2015/04/24 10:26 p.m.15 views

Tor-Based Dark Web Email Service Targeted by Government Spies

The administrator of the popular Darknet email service, SIGAINT, is warning its users that the email service has become a target of a suspected law enforcement agency who tried to compromise it. About a week ago, SIGAINT has been targeted by an attacker who tried to hack the service by using near...

6.7AI score
Exploits0
ThreatPost
ThreatPost
added 2014/12/09 2:13 p.m.19 views

Yik Yak Patches Privacy Flaw in iOS App

Yik Yak, an application that allows users to share purportedly anonymous status updates with others near them, has fixed a critical vulnerability in its iOS app that could have de-anonymized users and let attackers take total control of someone’s account. Yik Yak’s security team was apparently...

6.7AI score
Exploits0References6
The Hacker News
The Hacker News
added 2014/07/23 8:35 p.m.13 views

Researchers Demonstrate Zero-Day Vulnerabilities in Tails Operating System

The critical zero-day security flaws, discovered in the privacy and security dedicated Linux-based Tails operating system by the researcher at Exodus Intelligence that could help attackers or law enforcements to de-anonymize anyone’s identity, actually lie in the I2P software that’s bundled with...

7.2AI score
Exploits0
Rows per page
Query Builder