Conversation

Notices

infosec-handbook.eu (infosechandbook@mastodon.at)'s status on Monday, 10-Sep-2018 12:12:10 EDT infosec-handbook.eu

Details about zero-day vulnerability in :tor: Tor Browser 7.x published on Twitter by security company:
https://www.zdnet.com/article/exploit-vendor-drops-tor-browser-zero-day-on-twitter/
– full bypass of the "Safest" security level of the NoScript extension
– allows malicious code to run inside the Tor Browser
– Tor Browser 8.x is not affected
– update to NoScript "Classic" version 5.1.8.7 / Tor Browser 8.x
#tor #vulnerability #anonymity #privay #security #zeroday #noscript #infosec #cybersecurity #update

In conversation Monday, 10-Sep-2018 12:12:10 EDT from mastodon.at permalink
1. comfyleftshe (copyleftie@freeradical.zone)'s status on Monday, 10-Sep-2018 15:30:06 EDT comfyleftshe
  in reply to
  
  @infosechandbook
  >In an email exchange with ZDNet, Zerodium CEO Chaouki Bekrar provided more details about today's zero-day.
  > ...
  > "This Tor Browser exploit was acquired by Zerodium many months ago as a zero-day and was shared with our government customers.
  > shared with our government customers
  are you fucking serious
  
  In conversation Monday, 10-Sep-2018 15:30:06 EDT from freeradical.zone permalink
  1. rugk (rugk@social.wiuwiu.de)'s status on Wednesday, 12-Sep-2018 17:37:41 EDT rugk
    in reply to
    
    @copyleftie @aussierockman @infosechandbook yes they are, that's their bad weaponlike business.
    
    In conversation Wednesday, 12-Sep-2018 17:37:41 EDT from social.wiuwiu.de permalink

Public

Notices