Enlarge (credit: Getty Images) Hardware manufacturer Zyxel has issued patches for a highly critical security flaw that gives malicious hackers the ability to take control of a wide range of firewalls and VPN products the company sells to businesses. The flaw is an authentication bypass vulnerability that stems from a lack of a proper access-control […]
Tag: vpns
VPN servers seized by Ukrainian authorities weren’t encrypted
Enlarge (credit: Getty Images) Privacy-tools-seller Windscribe said it failed to encrypt company VPN servers that were recently confiscated by authorities in Ukraine, a lapse that made it possible for the authorities to impersonate Windscribe servers and capture and decrypt traffic passing through them. The Ontario, Canada-based company said earlier this month that two servers hosted […]
More US agencies potentially hacked, this time with Pulse Secure exploits
Enlarge (credit: Getty Images) At least five US federal agencies may have experienced cyberattacks that targeted recently discovered security flaws that give hackers free rein over vulnerable networks, the US Cybersecurity and Infrastructure Security Agency said on Friday. The vulnerabilities in Pulse Connect Secure, a VPN that employees use to remotely connect to large networks, […]
Hackers are exploiting a Pulse Secure 0day to breach orgs around the world
Enlarge (credit: CHUYN / Getty Images) Hackers backed by nation-states are exploiting critical vulnerabilities in the Pulse Secure VPN to bypass two-factor authentication protections and gain stealthy access to networks belonging to a raft of organizations in the US Defense industry and elsewhere, researchers said. At least one of the security flaws is a zeroday, […]
Feds say hackers are likely exploiting critical Fortinet VPN vulnerabilities
Enlarge (credit: Getty Images) The FBI and the Cybersecurity and Infrastructure Security Agency said that advanced hackers are likely exploiting critical vulnerabilities in the Fortinet FortiOS VPN in an attempt to plant a beachhead to breach medium and large-sized businesses in later attacks. “APT actors may use these vulnerabilities or other common exploitation techniques to […]
Hackers are exploiting a backdoor built into Zyxel devices. Are you patched?
Enlarge (credit: Zyxel) Hackers are attempting to exploit a recently discovered backdoor built into multiple Zyxel device models that hundreds of thousands of individuals and businesses use as VPNs, firewalls, and wireless access points. The backdoor comes in the form of an undocumented user account with full administrative rights that’s hardcoded into the device firmware, […]
Apple lets some Big Sur network traffic bypass firewalls
Enlarge (credit: Patrick Wardle) Firewalls aren’t just for corporate networks. Large numbers of security- or privacy-conscious people also use them to filter or redirect traffic flowing in and out of their computers. Apple recently made a major change to macOS that frustrates these efforts. Beginning with Big Sur released last week, some 50 Apple-specific apps […]