Search This Blog

Showing posts with label VPN. Show all posts

NordVPN agrees to 'private' server infringement


NordVPN, a VPN provider has affirmed an intrusion on one of its servers in Finland, although the damage done was nothing serious. There were no dubious records on the server. “We don't trace, retrieve or distribute users' data. It is almost impossible for the attacker to obtain usernames and identifications and also, the hacker couldn't decipher the VPN traffic to different servers,” says the company.



"The only probable way to exploit website traffic was by doing an individual and complex MiTM breach to prevent a private connection that attempted to locate nordvpn.com," commented the company on its website. The attack happened in March 2018, when an unapproved user located the NordVPN server in Finland. They used an "unsafe remote administration system" that the data hub provider had forgotten.  The company didn't know of any such system. The server misused was attached to NordVPN's server record on January 31.

The service provider caught the violation and dismissed the account on 20th March without notifying the network provider NordVPN. The company discovered the attack several months back and immediately discontinued its engagement with the data center provider and cleansed all the details on the borrowed servers. It didn't reveal the infringement instantly because the company had to investigate the rest of its system to prevent the same incident from happening again. It also stimulated the decryption of our systems.

"This took a while because of the complex infrastructure and more than 3000 servers that our firm handles," says NordVPN. The problem didn't stir any of NordVPN's other servers. The company says that it would need engaged providers to reach more formidable safety measures. "We are also moving all of our data centers to RAM and this process would take another one year to complete," says NordVPN. While the break won't have any meaningful result on user secrecy, it will create a negative image of the company in the internet society. “NordVPN is multiplying measures on user privacy. We have supported an administration safety inspection and we are striving on a secondary no-records examination for the moment and are planning a fault munificence project." NordVPN will start autonomous surface scrutiny of its data systems to ensure it doesn't miss any loopholes.

Looking For a Free VPN Service That’s Not Too Messy? Here’s All You Need To Know About TunSafe VPN Service

Not sure how to browse the internet safely away from the claws of hackers and cyber-cons? Not sure how to maintain cyber privacy?

TunSafe VPN is a solution to many such problems. It’s a free VPN service which aids people to connect with websites and social networks without revealing the channel.

It has been essentially developed and includes fresh features and better provisions.

The very high performing VPN follows the WireGuard protocol which enables it to help setup the secure VPN channels swiftly betwixt different platforms.

By way of the latest and most fresh cryptography-Curve25519, ChaCha20, Poly1305, BLAKE2 and HKDF, TunSafe ensures that no third-party hinder the user’s privacy.

All you need is simple configuration files which is specifically provided by the VPN provider..

For Downloading:


1. Go to https://tunsafe.com/
2. Click download.
3. Select the “Download TunSafe 1.4 installer”

For Installation:


1. Open the downloaded file
2. Complete the installation by pressing OK all the way.
3. Finally close it.
4. This is what will appear after that.

5. Click on connect.

6. The above is what will appear after that. This is the main window of TunSafe.

7. Drag the configuration file from the VPN provider onto Tunsafe’s window.

8. Confirm when the dialogue box pops up.


9. If everything works out well, a message will show that the VPN has been connected and the connection, established.

Various Platforms TunSafe Is Available For:
Desktop: Windows, Linux, OSX, Free BSD
Mobile: Android and iOS

Unlike most of the VPN services, TunSafe is free if cost and that’s what makes it better, more efficient and different from all the others.

For more details check www.tunsafe.com

Multiple VPN Applications Allow Attackers to Sidestep Authentication; Assists in Taking Control of Affected Systems




Enterprise VPN applications created by Palo Alto Systems, Pulse Secure, Cisco, and F5 Networks are reportedly known to have been 'storing' authentication and session cookies that too insecurely, as indicated by a DHS/CISA alert with a vulnerability note issued by CERT/CC, conceivably enabling attackers to sidestep authentication.

The caution issued on the 14th of April by the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA) additionally expresses that a potential "attacker could exploit this vulnerability to take control of an affected system."

As detailed in the Common Weakness Enumeration database in CWE-311, the way that an application neglects to "encrypt sensitive or critical information before storage or transmission" could permit would-be attacker to intercept traffic information, read it and infuse malignant code/information to play out a Man-in-the-Middle (MitM) attack.

CERT/CC says:
The following products and versions store the cookie insecurely in log files:
- Palo Alto Networks GlobalProtect Agent 4.1.0 for Windows and GlobalProtect Agent 4.1.10 and earlier for macOS0 (CVE-2019-1573)
- Pulse Secure Connect Secure prior to 8.1R14, 8.2, 8.3R6, and 9.0R2
The following products and versions store the cookie insecurely in memory:
- Palo Alto Networks GlobalProtect Agent 4.1.0 for Windows and GlobalProtect Agent 4.1.10 and earlier for macOS0 (CVE-2019-1573)
- Pulse Secure Connect Secure prior to 8.1R14, 8.2, 8.3R6, and 9.0R2
-Cisco AnyConnect 4.7.x and prior

As indicated by this note "It is likely that this configuration is generic to additional VPN applications," which suggests that many VPN applications from an aggregate of 237 vendors can conceivably be affected by this data divulgence vulnerability.

Additionally, the vulnerability note composed by Carnegie Mellon University's Madison Oliver says that - "If an attacker has persistent access to a VPN user's endpoint or exfiltrates the cookie using other methods, they can replay the session and bypass other authentication methods. An attacker would then have access to the same applications that the user does through their VPN session."

While VPN applications from Check Point Software Technologies and pfSense were found to not be 'vulnerable', Cisco and Pulse Secure haven't yet issued any data with respect to this vulnerability. Palo Alto Networks have thusly published a security advisory with additional information on this data revelation vulnerability tracked as CVE-2019-1573.

F5 Networks then again, while being "aware of the insecure memory storage since 2013" chosen not to fix it and gives the following solution as a relief measure: "To mitigate this vulnerability, you can use a one-time password or two-factor authentication instead of password-based authentication."