Saturday, July 20, 2024
EHA

Critical Tor Browser Bug “TorMoil” Allows to the Leakage of Your Real IP Address

A Critical Tor Browser Bug called “TorMoil” Allows to Leak your real IP Address that you’re using for Browsing especially this critical security vulnerability affecting Mac and Linux users.

Tor Browser is Providing good level of anonymity and security and you are able to gain access to .onion websites through your dark web browser.

It prevents some person viewing your Internet connection from realizing what websites you visit, it prevents the websites you visit from learning your physical location, and it gives you a chance to get to websites which are blocked.

According to Segment a Firefox bug in handling file:// URLs it is possible on both systems that users leak their IP address. Once an affected user navigates to a specially crafted web page, the operating system may directly connect to the remote host, bypassing Tor Browser

Apart from This Tor Browser Bug , Torrent file-sharing applications have been observed to ignore proxy settings and make direct connections even when they are told to use Tor. so this is already warned by Tor Team that don’t use Torrent file-sharing.

Also Read :   TOR and VPN Anonymous enough for Dark Web

Even if your torrent application connects only through Tor, you will often send out your real IP address in the tracker GET request, because that’s how torrents work

After Reporting This Bug to Tor team Started working with the help of Mozilla engineers This Critical Bug Successfully fixed by Tor Security Experts and Release Patch with Tor Browser 7.0.9 version update. Tor Browser 7.0.9 is now available for both macOS and Linux Users.

According to Tor Team, We are currently preparing updated macOS and Linux bundles for our alpha series which will be tentatively available on Monday, November 6. Meanwhile, macOS and Linux users on that series are strongly encouraged to use the stable bundles or one of the above-mentioned tools that are not affected by the underlying problem.

If you are one of those people that rely on Tor Browser to safely browse the Internet, the message is just one: keep your Tor Browser updated!

Tor Browser Bug Fix for OS X and Linux.

  • OS X – Bug 24052: Streamline handling of file:// resources
  • Linux – Bug 24052: Streamline handling of file:// resources
Website

Latest articles

Hackers Claiming Dettol Data Breach: 453,646 users Impacted

A significant data breach has been reported by a threat actor known as 'Hana,'...

CrowdStrike Update Triggers Widespread Windows BSOD Crashes

A recent update from cybersecurity firm CrowdStrike has caused significant disruptions for Windows users,...

Operation Spincaster Disrupts Approval Phishing Technique that Drains Victim’s Wallets

Chainalysis has launched Operation Spincaster, an initiative to disrupt approval phishing scams that have...

Octo Tempest Know for Attacking VMWare ESXi Servers Added RansomHub & Qilin to Its Arsenal

Threat actors often attack VMware ESXi servers since they accommodate many virtual machines, which...

TAG-100 Actors Using Open-Source Tools To Attack Gov & Private Orgs

Hackers exploit open-source tools to execute attacks because they are readily available, well-documented, and...

macOS Users Beware Of Weaponized Meeting App From North Korean Hackers

Meeting apps are often targeted and turned into weapons by hackers as they are...

Hackers Exploiting Legitimate RMM Tools With BugSleep Malware

Since October 2023, MuddyWater, which is an Iranian threat group linked to MOIS, has...
Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Free Webinar

Low Rate DDoS Attack

9 of 10 sites on the AppTrana network have faced a DDoS attack in the last 30 days.
Some DDoS attacks could readily be blocked by rate-limiting, IP reputation checks and other basic mitigation methods.
More than 50% of the DDoS attacks are employing botnets to send slow DDoS attacks where millions of IPs are being employed to send one or two requests per minute..
Key takeaways include:

  • The mechanics of a low-DDoS attack
  • Fundamentals of behavioural AI and rate-limiting
  • Surgical mitigation actions to minimize false positives
  • Role of managed services in DDoS monitoring

Related Articles