15 matches found
EUVD-2021-25608
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2023-36325
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - i2p before 2.3.0 Java allows de-anonymizing the public IPv4 and IPv6 addresses of i2p hidden services aka eepsites via a correlation attack across the IPv4 and...
CVE-2024-47043
Ruijie Reyee OS vulnerable versions 2.206.x up to but not including 2.320.x fail to securely store/change credentials and expose customer data. Root causes include a weak password-change mechanism and a feature that could allow sub-accounts or attackers to view/exfiltrate sensitive information fr...
CVE-2023-36325
i2p before 2.3.0 Java allows de-anonymizing the public IPv4 and IPv6 addresses of i2p hidden services aka eepsites via a correlation attack across the IPv4 and IPv6 addresses that occurs when a tunneled, replayed message has a behavior discrepancy it may be dropped, or may result in a Wrong...
CVE-2023-36325
i2p before 2.3.0 Java allows de-anonymizing the public IPv4 and IPv6 addresses of i2p hidden services aka eepsites via a correlation attack across the IPv4 and IPv6 addresses that occurs when a tunneled, replayed message has a behavior discrepancy it may be dropped, or may result in a Wrong...
New Browser De-anonymization Technique
Researchers have a new way to de-anonymize browser users, by correlating their behavior on one account with their behavior on another: The findings, which NJIT researchers will present at the Usenix Security Symposium in Boston next month, show how an attacker who tricks someone into loading a...
CVE-2021-39246
Tor Browser through 10.5.6 and 11.x through 11.0a4 allows a correlation attack that can compromise the privacy of visits to v2 onion addresses. Exact timestamps of these onion-service visits are logged locally, and an attacker might be able to compare them to timestamp data collected by the...
Experts Create Apple AirTag Clone That Can Bypass Anti-Tracking Measures
Cybersecurity researchers have managed to build a clone of Apple Airtag that circumvents the anti-stalking protection technology built into its Find My Bluetooth-based tracking protocol. The result is a stealth AirTag that can successfully track an iPhone user for over five days without triggerin...
CVE-2021-39246
Tor Browser through 10.5.6 and 11.x through 11.0a4 allows a correlation attack that can compromise the privacy of visits to v2 onion addresses. Exact timestamps of these onion-service visits are logged locally, and an attacker might be able to compare them to timestamp data collected by the...
CVE-2021-39246
Tor Browser through 10.5.6 and 11.x through 11.0a4 allows a correlation attack that can compromise the privacy of visits to v2 onion addresses. Exact timestamps of these onion-service visits are logged locally, and an attacker might be able to compare them to timestamp data collected by the...
Design/Logic Flaw
Tor Browser through 10.5.6 and 11.x through 11.0a4 allows a correlation attack that can compromise the privacy of visits to v2 onion addresses. Exact timestamps of these onion-service visits are logged locally, and an attacker might be able to compare them to timestamp data collected by the...
CVE-2021-39246
Tor Browser through 10.5.6 and 11.x through 11.0a4 allows a correlation attack that can compromise the privacy of visits to v2 onion addresses. Exact timestamps of these onion-service visits are logged locally, and an attacker might be able to compare them to timestamp data collected by the...
CVE-2021-39246
CVE-2021-39246 affects Tor Browser versions up to 10.5.6 and 11.x up to 11.0a4. The issue enables a correlation attack that can compromise the privacy of visits to v2 onion addresses by logging exact timestamps of onion-service visits locally, which an attacker could compare with timestamp data f...
Bug in Apple's Find My Feature Could've Exposed Users' Location Histories
Cybersecurity researchers on Thursday disclosed two distinct design and implementation flaws in Apple's crowdsourced Bluetooth location tracking system that can lead to a location correlation attack and unauthorized access to the location history of the past seven days, thereby deanonymizing user...
Paper: NetFlow Data De-Anonymizes Tor Users
Tor Project leaders are trying to rein in concerns about an academic paper describing an end-to-end traffic correlation attack that could be used by a well-funded attacker such as a nation state to de-anonymize traffic on Tor. Executive director Roger Dingledine points out that the researchers...