Multiple zero-days in Tor have been disclosed online

After unsuccessfully trying to report bugs to the Tor Project for years, a security researcher has publicly disclosed two zero-day vulnerabilities which impact both the Tor network and the Tor browser.

In two recent blog posts, Dr. Neal Krawetz announced that he has decided to go public with details on multiple zero-days in Tor after the Tor Project failed to address the security issues he reported. Krawetz also plans to reveal at least three more Tor zero-days including one that can be exploited to show the real-world IP addresses of Tor servers.

Source Article

Frederic M. Kolodziej

Next Post

VPN increasingly being used to penetrate organizations

Thu Jul 30 , 2020
Security researchers from Claroty have discovered multiple vulnerabilities that could be exploited to allow unauthenticated attackers to execute arbitrary code while analyzing a number of popular remote access solutions used for Industrial Control Systems (ICS). The vulnerabilities the researchers found affect VPN implementations that are used to provide remote access […]