Click any tag below to further narrow down your results
Links
This article explains what an IP address is and its role in your online activities. It covers how to find your IP address, the benefits of changing it, and the importance of privacy and security when using the internet.
SoundCloud confirmed a cyberattack that compromised data from 20% of its users, including email addresses and public profile information. The company quickly contained the breach and is enhancing its security measures to prevent future incidents. Misconfigurations caused temporary issues for some users on VPNs, but SoundCloud is working to resolve them.
The Russian government is escalating efforts to block WhatsApp, following similar actions against Telegram. WhatsApp users can only access the service through VPNs, but the government is targeting those as well. Meta, WhatsApp's parent company, has been labeled "extremist" in Russia.
NetBird offers a straightforward solution for secure remote access, allowing teams to connect to resources quickly without complex setups. It supports various platforms and can be self-hosted, giving users flexibility and control over their infrastructure.
A report from At-Bay reveals that organizations using Cisco and Citrix VPNs are nearly seven times more likely to experience ransomware attacks compared to those without VPNs. The findings suggest that the complexity of these devices can lead to security vulnerabilities, emphasizing the need for companies to consider cloud-based solutions.
The article details a method for bypassing Imgur's geo-block on UK users by creating a network-level proxy. It uses a combination of Docker containers, including Gluetun for VPN connectivity and Nginx for proxying requests. This setup allows all devices on the author's network to access Imgur without installing individual VPN clients.
Mullvad VPN has introduced GotaTun, a Rust-based implementation of WireGuard designed to improve stability and performance, especially on Android. It replaces the older wireguard-go, which had been prone to crashes, showing a significant drop in user-reported issues since its rollout. Future plans include expanding GotaTun to other platforms and enhancing performance further.
ExpressVPN has addressed a vulnerability in its Windows client that allowed Remote Desktop Protocol (RDP) traffic to bypass the VPN tunnel, potentially exposing users' real IP addresses. The issue stemmed from leftover debug code in production builds, and the company has since released a patch to fix it, urging users to update to the latest version for improved security. While the leak affected a small number of users primarily using RDP, ExpressVPN will enhance its internal checks to prevent similar issues in the future.
Ingram Micro is experiencing significant outages due to a ransomware attack attributed to the SafePay group, which has compromised internal systems and led to the shutdown of their online services. The attack is believed to have been initiated through compromised credentials used to access the company's GlobalProtect VPN, though Ingram Micro has not publicly confirmed the full extent of the attack. As of now, the company is working to restore affected systems and has begun processing certain orders again.
A recent study highlights significant data leaks associated with popular free VPN apps available on iOS and Android. Despite their claims of privacy protection, many of these applications have been found to expose sensitive user data, raising concerns about their reliability and the true safety they offer to users.
The article provides an in-depth analysis of VPNs, explaining their purpose, how they work, and the various types available. It discusses the benefits and limitations of using VPNs for privacy and security online, addressing common misconceptions and offering tips for choosing the right service.
Octelium is a free, open-source platform designed for unified zero trust secure access, functioning as a versatile solution for remote access VPNs, ZTNA, API gateways, and more. It offers scalable identity-based, application-layer access control and supports both client-based and clientless access methods. The platform is self-hosted and designed for easy deployment on Kubernetes, making it suitable for various use cases including homelab setups and containerized application management.
FreeVPN.One, initially a trusted VPN, has been caught secretly capturing users' screens and sensitive information without consent through a series of updates that expanded its permissions and functionality. Despite claiming to protect user privacy, the extension employs deceptive practices to surveil users, raising serious concerns about security in browser marketplaces. The article highlights the risks associated with malicious extensions and the need for better oversight in software security.
Over 100 malicious Chrome browser extensions disguised as legitimate tools, including VPNs and AI assistants, have been identified as part of a campaign to steal user information and execute remote scripts. These extensions can hijack browser cookies and modify network traffic, posing significant security risks to users. Despite the removal of many of these extensions by Google, some remain available, highlighting the ongoing threat to unsuspecting users.
Netmaker is a platform for creating and managing WireGuard networks, offering features like remote access gateways and site-to-site connections. It provides an easy setup process for deploying a Netmaker server on a cloud VM and includes automation for virtual networks across various environments. The platform is suitable for both small businesses and enterprises, supporting customization for different use cases including Kubernetes.
Fortinet has alerted customers that threat actors are exploiting a technique to maintain read-only access to compromised FortiGate VPN devices, even after vulnerabilities have been patched. The attackers create symbolic links in the device's file system, allowing them to access sensitive information despite updates meant to address the initial breaches. A wave of these attacks has been reported since early 2023, prompting Fortinet and CERT-FR to advise affected users to take immediate action to secure their devices.
Tailscale simplifies network connectivity by allowing easy device connections without complex configurations, leveraging WireGuard technology. The article discusses personal experiences, including features like MagicDNS, service exposure, and authentication improvements, alongside important security considerations like using ACLs and tags for access control. It emphasizes the user-friendly aspects and potential pitfalls encountered during setup and management.
SonicWall has alerted customers that two vulnerabilities in its Secure Mobile Access (SMA) appliances are being actively exploited. The vulnerabilities, CVE-2023-44221 and CVE-2024-38475, allow for command injection and unauthorized code execution, respectively, and affect several SMA device models. Users are urged to update to the latest firmware to mitigate risks and review their systems for unauthorized access.
Transitioning from traditional VPNs to HashiCorp Boundary has streamlined and enhanced secure remote access for both personal and business use. Boundary's identity-based, zero-trust model eliminates the complexities of manual key management and network exposure, offering a more secure and efficient way to access specific resources. Future plans include automating configurations with Terraform and integrating additional identity providers for improved security.
Choosing the right VPN involves understanding its limitations and realistic benefits, such as bypassing internet censorship and securely accessing corporate networks. While VPNs can enhance privacy by masking your IP address, they do not guarantee complete anonymity or protection from all security threats. Key factors to consider when selecting a VPN include the provider's claims, trustworthiness, and business model.
SonicWall is investigating a surge of ransomware incidents affecting its Gen 7 firewalls, linked to a potential zero-day vulnerability in its SSL VPN services. The company is collaborating with third-party threat research teams to assess the situation and has advised customers to disable SSL VPN services where feasible and implement security measures to mitigate risks. Previous attacks have exploited similar vulnerabilities, highlighting ongoing concerns about the security of SonicWall's products.
Wireguard is emerging as a modern, efficient VPN solution, but existing hardware implementations are costly and proprietary. This project aims to create an open-source FPGA implementation of Wireguard using SystemVerilog, targeting affordability and accessibility for educational institutions while laying the groundwork for future enhancements and optimizations.
A datacenter fire in South Korea has taken over 600 government services offline, while DJI loses a lawsuit regarding its ties to the Chinese military. India mandates two-factor authentication for digital payments, and GreatFire.org launches a new VPN to combat China's Great Firewall. Additionally, APNIC proposes extending the term length for its executive council members.
Firezone is an open-source platform designed to provide secure remote access for organizations of any size, utilizing a fast, scalable, and private approach built on WireGuard®. It features granular access management, supports various authentication methods, and allows for easy deployment and configuration, while also being free for self-hosting with limitations on support.
OpenVPN is offering a limited-time 50% discount on the first year for startups through their Builder's Corner program, which also includes additional benefits such as SEO support and specialized training on network security. The program aims to assist startups in achieving SOC2 compliance and enhancing their network security strategies.