Tech Republic Security

OCTOBER 27, 2023

Read our in-depth analysis of TunnelBear VPN, covering its pricing, ease of use, security features, and more. Find out if this is the right VPN for you.

VPN 186

VPN 186

Tech Republic Security

SEPTEMBER 27, 2023

Atlas VPN is a budget-friendly VPN that offers a unique IP address swapping feature perfect for privacy enthusiasts.

VPN 173

VPN 173

Tech Republic Security

NOVEMBER 7, 2023

VPN is a secure and customizable solution. Read this comprehensive review to learn about its features, performance, pricing, and more.

VPN 185

VPN 185

Tech Republic Security

OCTOBER 9, 2023

When it comes to privacy and security, PIA VPN is among the best. Discover its features, performance, pricing and more with this in-depth review.

VPN 190

VPN Internet Internet 190

Tech Republic Security

OCTOBER 6, 2023

Read our comprehensive review of IPVanish VPN. Discover its features, pricing, and more to determine if it meets your online security and privacy needs.

VPN 183

VPN 183

Tech Republic Security

MAY 24, 2023

Enterprise VPNs are critical for connecting remote workers to company resources via reliable and secure links to foster communication and productivity. The post The top 6 enterprise VPN solutions to use in 2023 appeared first on TechRepublic. Read about six viable choices for businesses.

VPN 158

VPN Software 158

Tech Republic Security

OCTOBER 2, 2023

In this comprehensive review of Cyberghost VPN, we cover its features, pricing, security, and overall performance. Find out if this is the right VPN for you.

VPN 170

VPN 170

Tech Republic Security

SEPTEMBER 26, 2023

Which VPN is better, ProtonVPN or AtlasVPN? Read our in-depth comparison to decide which one fits you in terms of pricing, key features and more.

VPN 174

VPN Software Network Security 174

Tech Republic Security

OCTOBER 20, 2023

Read this in-depth comparison to find out which VPN provider comes out on top in terms of features, security, speed, and more. NordVPN or ExpressVPN?

VPN 174

VPN 174

The Hacker News

MAY 3, 2025

The activity, which lasted from at least May 2023 to February 2025, entailed "extensive espionage operations and suspected network prepositioning a tactic often used to maintain persistent access for future

VPN 119

VPN Malware 119

Krebs on Security

NOVEMBER 21, 2024

technology companies between 2021 and 2023, including LastPass , MailChimp , Okta , T-Mobile and Twilio. Some SMS phishing messages told employees their VPN credentials were expiring and needed to be changed; other phishing messages advised employees about changes to their upcoming work schedule. com and ouryahoo-okta[.]com.

Identity Theft 271

Identity Theft Phishing Cryptocurrency Accountability 271

Tech Republic Security

JANUARY 10, 2024

While its small server suite may be a dealbreaker, Mullvad VPN’s strong focus on privacy sets it apart from other VPNs on the market. Read more below.

VPN 183

VPN Marketing 183

Tech Republic Security

DECEMBER 12, 2023

Mozilla VPN’s fast performance may not be enough to make up for its small server network and lack of features. Learn more about it in our full review below.

VPN 183

VPN 183

Tech Republic Security

DECEMBER 7, 2023

Norton VPN’s small server network and lack of notable features make it hard to recommend over other available VPNs today. Read our full review to learn more.

VPN 179

VPN 179

Tech Republic Security

DECEMBER 11, 2023

Hotspot Shield’s speed-oriented features may not be enough to overcome its lack of testing and questionable data logs. Read more in our full review below.

VPN 176

VPN 176

Security Affairs

NOVEMBER 26, 2024

Cybersecurity and Infrastructure Security Agency (CISA) added the Array Networks AG and vxAG ArrayOS flaw CVE-2023-28461 (CVSS score: 9.8) Attackers can exploit the SSL VPN gateway by accessing the filesystem via an HTTP header flags attribute and a vulnerable URL without authentication. ” reads the advisory.

VPN 113

VPN Authentication Hacking Risk 113

Security Affairs

NOVEMBER 13, 2024

In May 2023, Microsoft reported that the Volt Typhoon APT infiltrated critical infrastructure organizations in the U.S. Microsoft first noticed that to conceal malicious traffic, the threat actor routes it through compromised small office and home office (SOHO) network devices, including routers, firewalls, and VPN hardware.

VPN 125

VPN Government Malware Manufacturing 125

Security Affairs

APRIL 12, 2025

The cybersecurity firm revealed that attackers exploited known FortiGate flaws like CVE-2022-42475 , CVE-2023-27997 , and CVE-2024-21762 to gain persistent read-only access via a symlink in SSL-VPN language folders. ” Fortinet pointed out that only devices with SSL-VPN enabled are impacted. . FortiOS 7.4,

VPN 104

VPN Engineering Hacking Cybersecurity 104

Tech Republic Security

NOVEMBER 7, 2023

Speedify VPN offers speed-centered features that may not make up for its lack of security and pricey plan. Find out how this VPN measured up in our review.

Security Performance 168

Security Performance VPN 168

Tech Republic Security

SEPTEMBER 22, 2023

ProtonVPN is an all-around VPN that operates under Switzerland’s strong privacy laws, setting it apart from other services in the market.

VPN 179

VPN Marketing 179

Penetration Testing

DECEMBER 18, 2024

Fortinet, a leading cybersecurity vendor, has issued urgent advisories regarding several critical vulnerabilities affecting its popular products, including FortiClient VPN, FortiManager, and FortiWLM.

VPN 67

VPN Passwords Cybersecurity 67

Security Affairs

JANUARY 24, 2025

Earliest evidence dates to September 2023, but the experts have yet to determine the initial access method. Lumen’s telemetry shows that roughly 50% of the targeted enterprise devices are configured as a virtual private network (VPN) gateway.

Malware 124

Malware VPN Encryption Hacking 124

Security Affairs

SEPTEMBER 28, 2023

Cisco released security updates for an actively exploited zero-day flaw (CVE-2023-20109) that resides in the GET VPN feature of IOS and IOS XE software. The vulnerability resides in the Group Encrypted Transport VPN (GET VPN) feature of IOS and IOS XE. ” reads the advisory published by the IT giant.

VPN 136

VPN Software Encryption Authentication 136

Security Affairs

NOVEMBER 9, 2024

Attackers accessed targets via VPN gateways lacking multifactor authentication, some of which ran outdated software. In each of the cases, attackers initially accessed targets using compromised VPN gateways without multifactor authentication enabled. Some of these VPNs were running unsupported software versions.”

Backups 134

Backups Ransomware VPN Accountability 134

Security Affairs

NOVEMBER 3, 2024

Quad7 botnet, also known as CovertNetwork-1658 or xlogin, was first spotted in the summer of 2023 by security researcher Gi7w0rm. The botnet operators are targeting multiple SOHO devices and VPN appliances, including TP-LINK, Zyxel, Asus, D-Link, and Netgear, exploiting both known and previously unknown vulnerabilities.

Passwords 135

Passwords Wireless VPN Accountability 135

Security Affairs

JANUARY 14, 2025

The campaign likely began in November 2024, the campaign unfolded in four phases: vulnerability scanning (Nov 1623, 2024), reconnaissance (Nov 2227), SSL VPN setup (Dec 47), and lateral movement (Dec 1627). In the next phase (starting Dec 4, 2024), attackers targeted SSL VPN access by creating super admin accounts or hijacking existing ones.

Firewall 85

Firewall VPN Accountability Firmware 85

Tech Republic Security

OCTOBER 13, 2023

Find out if PureVPN is the right VPN service for you. Read the comprehensive PureVPN review to learn about its features, pricing, security and more.

VPN 160

VPN 160

The Hacker News

JANUARY 22, 2025

A previously undocumented China-aligned advanced persistent threat (APT) group named PlushDaemon has been linked to a supply chain attack targeting a South Korean virtual private network (VPN) provider in 2023, according to new findings from ESET.

VPN 123

VPN 123

Security Affairs

SEPTEMBER 8, 2023

CISA warned that nation-state actors are exploiting flaws in Fortinet FortiOS SSL-VPN and Zoho ManageEngine ServiceDesk Plus. Cybersecurity and Infrastructure Security Agency (CISA) warned that nation-state actors are exploiting security vulnerabilities in Fortinet FortiOS SSL-VPN and Zoho ManageEngine ServiceDesk Plus.

VPN 142

VPN Firewall Accountability Cybersecurity 142

Security Affairs

JANUARY 16, 2024

Experts warn that recently disclosed Ivanti Connect Secure VPN and Policy Secure vulnerabilities are massively exploited in the wild. The flaw CVE-2023-46805 (CVSS score 8.2) In December 2023, Volexity investigated an attack where an attacker was placing webshells on multiple internal and external-facing web servers.

VPN 130

VPN Authentication Small Business Telecommunications 130

Security Affairs

OCTOBER 9, 2023

IBM observed a credential harvesting campaign that is targeting Citrix NetScaler gateways affected by the CVE-2023-3519 vulnerability. IBM’s X-Force researchers reported that threat actors are conducting a large-scale credential harvesting campaign exploiting the recent CVE-2023-3519 vulnerability (CVSS score: 9.8)

VPN 136

VPN Authentication Cyber Attacks Passwords 136

Security Affairs

JANUARY 31, 2024

Threat actors are exploiting recently disclosed zero-day flaws in Ivanti Connect Secure (ICS) VPN devices to deliver KrustyLoader. The flaw CVE-2023-46805 (CVSS score 8.2) In December 2023, Volexity investigated an attack where an attacker was placing webshells on multiple internal and external-facing web servers.

VPN 130

VPN Malware Authentication Small Business 130

Security Affairs

FEBRUARY 1, 2024

Mandiant spotted new malware used by a China-linked threat actor UNC5221 targeting Ivanti Connect Secure VPN and Policy Secure devices. Mandiant researchers discovered new malware employed by a China-linked APT group known as UNC5221 and other threat groups targeting Ivanti Connect Secure VPN and Policy Secure devices.

VPN 138

VPN Malware Authentication Hacking 138

Krebs on Security

JUNE 15, 2023

.” Meanwhile, this week we learned more details about the ongoing exploitation of a zero-day flaw in a broad range of virtual private networking (VPN) products made by Fortinet — devices many organizations rely on to facilitate remote network access for employees. “Patch your #Fortigate.” “Patch your #Fortigate.”

Risk 280

Risk VPN Internet Internet 280

Security Affairs

APRIL 30, 2025

. “The analyses of the TTPs used during APT28 campaigns since 2021 and the recommendations published in October of 2023 remain relevant and may be consulted on the website of the CERT-FR” APT28’s attack chain begins with phishing and brute-force attacks, along with zero-day exploitation (e.g. CVE-2023-23397 ).

Government 116

Government Phishing DNS VPN 116

Malwarebytes

OCTOBER 11, 2023

In other news, both LockBit and the Akira ransomware gang, the latter of which has tallied 125 victims since we first began tracking them in April 2023, were confirmed last month to be exploiting a specific zero-day flaw ( CVE-2023-20269 ) in Cisco VPN appliances. In September, they had a staggering 53 victims.

Ransomware 142

Ransomware Social Engineering Backups Engineering 142

Security Affairs

FEBRUARY 9, 2024

Fortinet warns that the recently discovered critical remote code execution flaw in FortiOS SSL VPN, tracked CVE-2024-21762, is being actively exploited. The vendor recommends to disable SSL VPN as a workaround. “Workaround : disable SSL VPN (disable webmode is NOT a valid workaround). ” reads the advisory.

VPN 134

VPN Firmware Malware Government 134