Lucene search
+L

56 matches found

CVE
CVE
added 2020/11/13 6:30 p.m.90 views

CVE-2020-26230

CVE-2020-26230 affects Radar COVID (Spain) where positives uploading TEKs to the backend can be identified/de-anonymized by an on-path observer. Root cause: backend communication is made only by COVID-19 positives, enabling traffic correlation across networks (MNOs/ISPs/VPNs or on-path attackers)...

7.4CVSS5.4AI score0.01645EPSS
Exploits1References12Affected Software2
Hacker One
Hacker One
added 2019/10/26 9:18 a.m.80 views

Imgur: De-anonymization Attack: Cross Site Information Leakage

Dear Imgur Security Team, We are researchers at the IMDEA Software Institute in Madrid, Spain. We have been working on analyzing Cross-Site Browser Leaks xsleaks and building a tool for finding instances of it on target web sites. Recently we tested imgur.com and discovered a flaw that can affect...

Exploits0
Packet Storm
Packet Storm
added 2018/09/11 12:0 a.m.109 views

Tor Browser 7.0.8 Information Disclosure

Hi, there is the details for CVE-2017-16541 Tor Browser information disclosure, More infos at: https://www.wearesegment.com/research/tormoil-deanonymize-tor-browser-users-with-automount/ Tor Browser version 7.0.8, and probably prior, for Mac OS X and Linux, is affected by an information disclosur...

4.3CVSS6.2AI score0.03662EPSS
Exploits4
ThreatPost
ThreatPost
added 2018/06/01 8:47 p.m.47 views

Browser Side-Channel Flaw De-Anonymizes Facebook Data

A side-channel vulnerability in Google Chrome and Mozilla Firefox allows drive-by de-anonymization of Facebook users. An exploit would allow an attacker to pick up the profile picture, username and the “likes” of unsuspecting visitors who find themselves landing on a malicious website – with no...

7.2CVSS0.4AI score0.414EPSS
Exploits19References8
Hacker One
Hacker One
added 2017/12/02 12:41 a.m.16 views

Tor: De-anonymization by visiting specially crafted bookmark.

There is a way to import logs in 'about:memory' from local disk, however, tested on windows you can pass a network url that may point to attack controlled server which logs IP's. This connection is done by windows presumably and so doesn't hide real IP of Tor user. 1. Have victim drag and drop an...

2AI score
Exploits0
Securelist
Securelist
added 2017/10/24 9:0 a.m.129 views

Dangerous liaisons

It seems just about everyone has written about the dangers of online dating, from psychology magazines to crime chronicles. But there is one less obvious threat not related to hooking up with strangers – and that is the mobile apps used to facilitate the process. We're talking here about...

7AI score
Exploits0
rdot
rdot
added 2017/01/24 12:0 a.m.526 views

Деанонимизация пользователей Darknet(TOR, i2p(d), etc) & SOX &VPN аудиозакладками

Вообщем то ссылка на 33с3 уже была запощена в основном топике, но я хотел бы акцентировать общее внимание на презентацию Talking Behind Your Back On the Privacy & Security of the Ultrasound Tracking Ecosystem от Vasilios Mavroudis и Federico Maggi. Вкратце, суть такова: В 2012 году была основана...

0.3AI score
Exploits0
ThreatPost
ThreatPost
added 2016/12/12 1:47 p.m.24 views

Alpha Version of Sandboxed Tor Browser Released

A sandboxed version of the Tor Browser was released over the weekend, and while there are still some rough edges and bugs – potentially major, according to the developer– it could be the first step toward protecting Tor users from recent de-anonymization exploits. Yawning Angel, a longtime Tor...

7AI score
Exploits0References11
ThreatPost
ThreatPost
added 2016/06/24 12:0 p.m.12 views

Selfrando Technique Mitigates Attacks Unmasking Tor Users

The FBI’s apparent capability to unmask users of the Tor Network has caused hand-wringing among those concerned with privacy and civil liberties, many of whom are busy trying to win legal battles to get law enforcement to confess as to how they’re doing it. A team of academics and researchers,...

0.8AI score
Exploits0References3
ThreatPost
ThreatPost
added 2014/12/09 2:13 p.m.20 views

Yik Yak Patches Privacy Flaw in iOS App

Yik Yak, an application that allows users to share purportedly anonymous status updates with others near them, has fixed a critical vulnerability in its iOS app that could have de-anonymized users and let attackers take total control of someone’s account. Yik Yak’s security team was apparently...

6.7AI score
Exploits0References6
The Hacker News
The Hacker News
added 2014/07/23 8:35 p.m.13 views

Researchers Demonstrate Zero-Day Vulnerabilities in Tails Operating System

The critical zero-day security flaws, discovered in the privacy and security dedicated Linux-based Tails operating system by the researcher at Exodus Intelligence that could help attackers or law enforcements to de-anonymize anyone’s identity, actually lie in the I2P software that’s bundled with...

7.2AI score
Exploits0
Prion
Prion
added 2014/05/27 12:55 a.m.14 views

Design/Logic Flaw

The blind-marking implementation in Moodle through 2.3.11, 2.4.x before 2.4.10, 2.5.x before 2.5.6, and 2.6.x before 2.6.3 allows remote authenticated users to de-anonymize student identities by 1 using a screen reader or 2 reading the HTML source...

4CVSS6.5AI score0.01688EPSS
Exploits0References3Affected Software1
UbuntuCve
UbuntuCve
added 2014/05/27 12:55 a.m.27 views

CVE-2014-0215

The blind-marking implementation in Moodle through 2.3.11, 2.4.x before 2.4.10, 2.5.x before 2.5.6, and 2.6.x before 2.6.3 allows remote authenticated users to de-anonymize student identities by 1 using a screen reader or 2 reading the HTML source...

4CVSS5.9AI score0.01688EPSS
Exploits0References4
Cvelist
Cvelist
added 2014/05/27 12:0 a.m.28 views

CVE-2014-0215

The blind-marking implementation in Moodle through 2.3.11, 2.4.x before 2.4.10, 2.5.x before 2.5.6, and 2.6.x before 2.6.3 allows remote authenticated users to de-anonymize student identities by 1 using a screen reader or 2 reading the HTML source...

5.8AI score0.01688EPSS
Exploits0References3
CVE
CVE
added 2014/05/27 12:0 a.m.62 views

CVE-2014-0215

CVE-2014-0215 affects Moodle versions up to 2.3.11, 2.4.x before 2.4.10, 2.5.x before 2.5.6, and 2.6.x before 2.6.3. The vulnerability stems from the blind-marking implementation, allowing remote authenticated users to de-anonymize student identities by (1) using a screen reader or (2) reading th...

4CVSS5.9AI score0.01688EPSS
Exploits0References3Affected Software1
ThreatPost
ThreatPost
added 2011/10/28 2:58 p.m.24 views

New Tor Release Fixes De-Anonymization Attack

The Tor Project has released a new version of its client software to fix a serious vulnerability that allows an attacker to strip users of their anonymity on the network. The new version also includes a number of other security and privacy fixes. The attack that enables the anonymity stripping...

5.8CVSS1.1AI score0.01203EPSS
Exploits0References3
Rows per page
Query Builder