article thumbnail

New VPN Backdoor

Schneier on Security

A newly discovered VPN backdoor uses some interesting tactics to avoid detection: When threat actors use backdoor malware to gain access to a network, they want to make sure all their hard work can’t be leveraged by competing groups or detected by defenders.

VPN 338
article thumbnail

Hardening Your VPN

Schneier on Security

The NSA and CISA have released a document on how to harden your VPN.

VPN 340
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Threat Spotlight: Credential Theft vs. Admin Control—Two Devastating Paths to VPN Exploitation

Digital Shadows

Key Findings Even years after their disclosure, VPN-related vulnerabilities like CVE-2018-13379 and CVE-2022-40684 remain essential tools for attackers, driving large-scale campaigns of credential theft and administrative control. How AI and automation are amplifying the scale and sophistication of VPN attacks.

VPN 133
article thumbnail

Malwarebytes acquires AzireVPN to fuel additional VPN features and functionalities 

Malwarebytes

Today I have great news to share: We’ve acquired AzireVPN, a privacy-focused VPN provider based in Sweden. Malwarebytes has long been an advocate for user privacy (think Malwarebytes Privacy VPN and our free web extension Malwarebytes Browser Guard). What does this mean for existing Malwarebytes Privacy VPN customers?

VPN 132
article thumbnail

Chinese-Owned VPNs

Schneier on Security

TTP was able to determine the Chinese ownership of the 20 VPN apps being offered to Apple’s U.S. The ownership of many appeared deliberately opaque, with several concealing their structure behind layers of offshore shell companies. users by piecing together corporate documents from around the world.

VPN 304
article thumbnail

China-linked actor’s malware DeepData exploits FortiClient VPN zero-day

Security Affairs

Chinese threat actors use custom post-exploitation toolkit ‘DeepData’ to exploit FortiClient VPN zero-day and steal credentials. Volexity researchers discovered a vulnerability in Fortinet’s Windows VPN client that China-linked threat actor BrazenBamboo abused in their DEEPDATA malware. ” reads the advisory.

VPN 115
article thumbnail

Do you actually need a VPN? Your guide to staying safe online!

Webroot

So maybe you’ve heard of VPNs but aren’t actually sure what they are. Simply put, a VPN creates a safe, anonymous pathway for the data you send and receive over a Wi-Fi network, allowing you to browse anonymously and access content as if you were in a different location. Do you really need a VPN for personal use? Why use a VPN?

VPN 111