Apple removed several virtual private network (VPN) apps from its App Store in Russia following a request from the Russian Government. Russia is tightening its citizens’ control over Internet access and forced Apple to remove several virtual private network (VPN) apps from its App Store in Russia following a request from Russia’s state communications watchdog […]
Check Point released hotfixes for a VPN zero-day vulnerability, tracked as CVE-2024-24919, which is actively exploited in attacks in the wild. Check Point released hotfixes to address a VPN zero-day vulnerability, tracked as CVE-2024-24919, which is actively being exploited in attacks in the wild. The vulnerability CVE-2024-24919 is a Quantum Gateway information disclosure issue. Threat actors […]
TunnelVision is a new VPN bypass technique that enables threat actors to spy on usersâ traffic bypassing the VPN encapsulation. Leviathan Security researchers recently identified a novel attack technique, dubbed TunnelVision, to bypass VPN encapsulation. A threat actor can use this technique to force a target userâs traffic off their VPN tunnel using built-in features […]
Russiaâs internet watchdog, âRoskomnadzorâ, has announced the ban of other VPN products, 15 VPN services are now illegal in Russia Russian communications watchdog Roskomnadzor tightens the control over the Internet and blocked access to six more VPN services. The latest banned services are Betternet, Lantern, X-VPN, Cloudflare WARP, Tachyon VPN, PrivateTunnel. The total number of […]
The U.S. CISA and the NSA agencies have published guidance for securely using virtual private network (VPN) solutions. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) have released guidance for increasing the security of virtual private network (VPN) solutions. Multiple attacks against private organizations and government entities, especially during […]
Security firm Ivanti addressed a critical vulnerability in its Pulse Connect Secure VPN appliances that could be exploited to execute arbitrary code with root privileges. IT firm Ivanti released security updates to address multiple vulnerabilities in its Pulse Connect Secure VPN appliances. The most severe flaw, tracked as CVE-2021-22937 is a high-severity remote code execution […]
A critical vulnerability, tracked as CVE-2021-20019, in SonicWall VPN appliances was only partially patched last year and could allow a remote attacker to steal sensitive data. In October last year, experts reported a critical stack-based Buffer Overflow vulnerability, tracked as CVE-2020-5135, in SonicWall Network Security Appliance (NSA) appliances. At the time of the discovery, security experts from the Tripwire VERT […]
A flaw in Pulse Connect Secure VPN could allow an authenticated remote attacker to execute arbitrary code with elevated privileges. Ivanti addressed a high severity Buffer Overflow vulnerability in Secure VPN appliances that could allow a remote authenticated attacker to execute arbitrary code with elevated privileges. The vulnerability tracked as CVE-2021-22908, has received a CVSS […]
Pulse Secure VPN users were not able to login due to the expiration of a code signing certificate used to digitally sign and verify software components. Pulse Secure VPN users were not able to login after a code signing certificate used to digitally sign and verify software components has expired. Multiple users have reported on […]
A joint operation conducted by law European enforcement agencies resulted in the seizure of the infrastructure of three bulletproof VPN services. A joint operation conducted by law enforcement agencies from the US, Germany, France, Switzerland, and the Netherlands resulted in the seizure of the infrastructure used by three VPN bulletproof services. VPN bulletproof services are […]