Security news aggregator

Latest coverage for VPN

A VPN creates an encrypted tunnel between devices and a remote network, making its configuration and flaws important to privacy and access control.

42 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

VPN (virtual private network) creates an encrypted tunnel between a device and a VPN gateway, or between networks, across an untrusted network such as the internet. It is commonly used for remote access and site-to-site connectivity. Encryption protects traffic in transit between the tunnel endpoints, but it does not secure a compromised device, protect data after it reaches the destination, or automatically make the VPN provider trustworthy; logging and traffic visibility depend on its configuration and operator.

VPN gateways are high-value entry points: vulnerabilities in internet-facing appliances, weak protocols or configurations, and stolen credentials can enable unauthorized access to internal systems. Organizations should patch and securely configure gateways, require phishing-resistant or otherwise strong multi-factor authentication where practical, restrict access and segment remote sessions, and monitor authentication and connection logs. During an incident, VPN account and gateway records can help identify access, while compromised gateways may require credential resets and network-wide review.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 42 Filtered view

Ongoing Campaign May Be Grabbing Legacy Passwords From Fortinet FortiGate DevicesCybercriminals are selling access to 75,000 Fortinet FortiGate devices with VPN and web management interfaces, and the admin credentials appear to be legitimate and recently harvested as part of a still-live campaign, security experts warned.

Bank Info Security 2 months, 2 weeks ago

FBI: Chinese Hacker Extradition Sends a Global Message

Alleged Nation-State Hacker Being Held in Houston JailU.S. prosecutors allege 34-year-old Chinese national Xu Zewei operated under China’s Ministry of State Security to hack universities and firms during the pandemic, exploiting VPN and Exchange flaws and exfiltrating research data in a Silk Typhoon campaign.

Bank Info Security 2 months, 3 weeks ago

CISA Hunts for Cisco Backdoor Spotted on Federal Network

'Firestarter' Backdoor Can Survive Reboots, Upgrades and Standard FixesThe Cybersecurity and Infrastructure Security Agency issued an emergency directive warning a newly-discovered Cisco backdoor can survive routine remediation processes, forcing agencies to investigate edge devices that anchor federal firewall and VPN security.

Bank Info Security 3 months, 2 weeks ago

The Open Back Door: Industrial Remote Access

Why Remote Access to Industrial Operations Is the Biggest Unmanaged RiskRemote access has become one of the largest unmanaged attack surfaces in industrial operations. Legacy VPNs and jump servers expose OT environments to serious risk. Learn how Cisco Cyber Vision's Secure Equipment Access can secure vendor and engineer access while protecting critical infrastructure.

Bank Info Security 3 months, 2 weeks ago

Under Fire: Attackers Target Flaws in F5 and Citrix Gear

F5 Revises Severity of Flaw Disclosed Last YearFlaws in major application delivery and security platforms and VPN gateways are being actively exploited or targeted. Under fire: a vulnerability in F5 BIG-IP Access Policy Manager can facilitate remote code execution, and a "memory overread" flaw in NetScaler Application Delivery Controller.

Bank Info Security 4 months, 4 weeks ago

Trump Eyes VPN-Enabled Freedom.gov to Skirt EU Content Bans

State Department Project Reportedly Aims To Counter Global Content Moderation LawsThe Trump administration is discussing the launch of an online portal allowing unfettered access to content restricted elsewhere by governments. The administration has chaffed, in particular, at the European Digital Services Act, which governs how platforms handle illegal content.

Bank Info Security 6 months, 1 week ago

The Enduring Attack Surface of VPNs

Paper Traces Pandemic-Era Spike in AttacksOne way to look at the novel coronavirus pandemic: A societal experiment in how an oft-overlooked yet essential element of secure networking would stand up to an exploding user base. Unsurprisingly, the rapid uptake of virtual private networks by companies suddenly managing a remote workforce came with significant security costs.

Bank Info Security 6 months, 3 weeks ago

Urban VPN Proxy Spies on AI Chatbot Conversations

Browser Tools Capture Chatbot Data, Sell to Data Broker: Koi SecurityA browser extension promising a free clientless VPN for Chrome users has been harvesting conversations from artificial intelligence chatbot platforms and selling the data to third-party brokers. The data collection operates independently of the VPN functionality itself.

Bank Info Security 7 months, 3 weeks ago

Akira's SonicWall Hacks Are Taking Down Large Enterprises

Businesses That Inherit SSL VPNs Through M&A Activity Falling Victim, Warn ExpertsMultiple large enterprises that inherited SonicWall SSL VPN devices when they acquired a smaller entity have fallen victim to the Akira ransomware group, security researchers warn. Investigations of multiple intrusions found they began when attackers used "unmonitored and unrotated" credentials.

Bank Info Security 8 months, 3 weeks ago

Breach Roundup: the Qilin Hack That Wasn't

Also, Envoy Air Confirms Data Compromise Following Clop Extortion CampaignThis week, Qilin didn't hack a Spanish tax agency, Nexperia standoff, Envoy Air confirmed a data compromise, Experian Netherlands fined 2.7M euros, ToolShell used to breach global networks, flaws in TP-Link Omada and Festa VPN routers and a New York firm settled a cybersecurity investigation.

Bank Info Security 9 months, 2 weeks ago

Gone in 60 Minutes: Akira Defeats MFA for SonicWall SSL VPNs

'Opportunistic, Mass Exploitation' Campaign Surging, Say Cybersecurity ResearchersAttackers wielding Akira ransomware appear to be engaged in an "opportunistic, mass exploitation" of SonicWall SSL VPN servers, even when they're using the latest firmware and configured to require multifactor authentication one-time passwords, warn cybersecurity researchers.

Bank Info Security 11 months, 1 week ago

SonicWall Probes Potential Zero-Day After Ransomware Hits

Akira Ransomware Exploited MFA-Protected SonicWall SSL VPNs, Say ResearchersSonicWall said it is probing a surge in attacks against its Gen 7 firewalls, running various firmware versions, which have SSL VPN enabled. Researchers said attackers may have been exploiting a zero-day vulnerability and that multiple victims have been infected with Akira ransomware.

Bank Info Security 11 months, 2 weeks ago

VPN Use Surges as UK Online Safety Act Takes Effect

New UK Law Requiring Age-Verification Measures on Porn Sites Causes VPN Use to SoarFree virtual private network services are soaring to the top of the app charts in the United Kingdom after a new law went into effect Friday requiring platforms that contain adult content - including sites like X and Reddit - to confirm users' ages through "robust" verification measures.

Island CEO Mike Fey on Drivers for SASE, Identity Features in Enterprise BrowserIsland co-founder and CEO Mike Fey outlines how the enterprise browser is evolving through AI, SASE and hyperscaler investments to enhance governance, reduce backhaul traffic and support secure access across diverse industries such as healthcare and finance.

Trojanized NetExtender Installer Exfiltrates Data to Hardcoded IP AddressFake versions of SonicWall VPN software contain a credential-stealing Trojan, the California network security company warned Monday. Imposter versions of tools such as VPNs, virtual desktops and software development tools "are often laced with infostealers."

More Evidence Surfaces of Chinese Hackers Targeting Ivanti ProductsA suspected Chinese cyberespionage operation is behind a spate of malware left on VPN appliances made by Ivanti. The threat actor used a critical security vulnerability the Utah company patched in February. "We are aware of a limited number of customers whose appliances have been exploited."

Bank Info Security 1 year, 3 months ago

Rootkit, Backdoor and Tunneler: Ivanti Malware Does It All

CISA Publishes Anatomy of Advanced Ivanti VPN MalwareHackers using Trojans connected to a malware family deployed by Chinese nation-state hackers are actively exploiting a now-patched vulnerability in Ivanti Connect Secure appliances. The malware "contains capabilities of a rootkit, dropper, backdoor, bootkit, proxy and tunneler."

Bank Info Security 1 year, 4 months ago

Breach Roundup: US Army Officer Guilty of Selling Data

Also, AI Video Mocking Trump and Musk Disrupts HUD OfficesThis week, a U.S. Army soldier pleaded guilty, an AI video displayed to federal workers mocked Donald Trump and Elon Musk, a Saudi firm hit by ransomware, a new North Korean scam, hackers targeted Ukrainian notaries, CISA flagged two flaws, a botnet targeted Microsoft 365 and unpatched Ivanti VPNs.

Also: US Prosecutors Charge Suspected North Korean IT Worker CollaboratorsThis week, researchers spied Palo Alto firewall flaws, a North Korean IT worker conspiracy, ChatGPT as DDoS vector. Chinese hackers targeted a VPN maker, a fake PyPi package and a Russian threat actor shifted tactics. BreachForums admin faces prison and scammers used the release of Ross Ulbricht.

Actively Targeted Zero Day Patched; Warning Issued After Device Configurations LeakFortinet has released patches to fix a zero-day vulnerability being actively exploited by attackers. Separately, researchers are warning customers to review their infrastructure after attackers leaked configuration details - including firewall rules and plaintext VPN passwords - for 15,000 devices.

Loading more headlines...