Search the Community

[hide][Hidden Content]]

Two 0-days discovered in Tor, and more are expected. Dr. Neal Krawetz is a security researcher who, in recent years, has repeatedly reported security breaches to the Tor Project, but, in his opinion, he believes that the security of his networks, tools and users is not taken. seriously enough. For this reason, Dr. Neal Krawetz published last week and today on his blog, technical details about two 0-day vulnerabilities that affect the Tor network and the Tor browser. The researcher has also promised to reveal at least three more 0-days of Tor, including one that can reveal the real-world IP address of Tor servers. Tor's first 0-day. In a blog post dated July 23, [Hidden Content] the researcher describes how companies and Internet service providers could block users from connecting to the Tor network by scanning network connections for "a distinctive packet signing» that is unique to Tor traffic. This bug could be used as a way to block Tor connections from starting and ban Tor entirely. The second 0-day of Tor. Today, in a new blog post, [Hidden Content] he reveals a second flaw that, like the first one, allows network operators to detect Tor traffic. However, while the first day zero could be used to detect direct connections to the Tor network (to the Tor guard nodes), the second day can be used to detect indirect connections. These are connections that users make to Tor bridges, a special type of entry point on the Tor network that can be used when businesses and ISPs block direct access to the Tor network. Tor bridges act as proxy points and transmit user connections to the Tor network itself. Because they are sensitive Tor servers, the list of Tor bridges is constantly updated to make it difficult for ISPs to block it. But Dr. Krawetz says that connections to Tor bridges can be easily detected, too, using a similar technique of tracking specific TCP packets. “Between my previous blog post and this one, you now have everything you need to enforce the policy [of blocking Tor on a network] with a real-time stateful packet inspection system. You can prevent all your users from connecting to the Tor network, whether they connect directly or use a bridge. " DR. KRAWETZ.

[Hidden Content]

[Hidden Content]

how do I make two publications that are not spam to unlock my account thanks

Ransomware Forces Two Chemical Companies to Order ‘Hundreds of New Computers’ It appears that LockerGoga, the same ransomware that hit aluminum manufacturing giant Norsk Hydro this week, also infected American chemicals companies Hexion and Momentive, leaving employees locked out of their computers.

A few months ago, an anonymous user uploaded a PDF file to the online platform VirusTotal in order to see if it was detected by any of the more than 50 antivirus engines that have this platform or, otherwise, none of them detected it .This PDF file apparently seemed harmless and could have been a user who, after downloading it, wanted to verify that it did not hide anything. However, it seems that this PDF file hid something quite serious. This PDF file immediately called the attention of several security researchers subscribed to the platform, researchers who soon began to analyze it in depth.Within this PDF file they have been able to find two very dangerous exploits that took advantage of two security flaws still unknown in the Adobe software and in Windows. The Adobe vulnerability ( CVE-2018-4990 ) is a failure to execute remote code, while the Windows security failure ( CVE-2018-8120 ) is a privilege escalation failure to be able to execute code at the highest level of permits. The PDF file did not include the final payload and was not 100% complete, so it is believed that it has never been used. Neither this malicious PDF , nor the exploits that it hid, had never been seen on the network until they were sent to VirusTotal. It is not well known why this PDF came to this online security platform, whether it was from someone who got it in some way or by some rookie hackerwho does not know that all the files sent to VirusTotal are sent to security companies and researchers, even if apparently clean, for in-depth analysis. What is certain is that, thanks to VirusTotal, we have been able to avoid a series of very dangerous computer attacks, being able to know the vulnerability before it was used to endanger the security of the users. Update Windows and Adobe to protect yourself from these two vulnerabilities This PDF was detected in March of this same year, and in the second week of May Microsoft and Adobe released their corresponding security patches without giving specific details about these security flaws. However, in order to give system administrators enough time to update their infrastructures, it has not been until now that Microsoft and Adobe have made public the vulnerabilities that have been detected thanks to this PDF uploaded to VirusTotal . To protect ourselves from these two failures and make these exploits useless, we must install the latest Windows and Adobe security patches. These vulnerabilities were already solved the second week of May with the corresponding patches, so, installing these patches we will be fully protected. What do you think of these two security flaws discovered and solved thanks to VirusTotal?