The Hacker News Logo
Subscribe to Newsletter
CrowdSec

The Hacker News - Cybersecurity News and Analysis: vpn service

Apple's New iCloud Private Relay Service Leaks Users' Real IP Addresses

Apple's New iCloud Private Relay Service Leaks Users' Real IP Addresses

September 24, 2021Ravie Lakshmanan
A new as-yet unpatched weakness in Apple's iCloud Private Relay feature could be circumvented to leak users' true IP addresses from iOS devices running the latest version of the operating system. Introduced as a beta with iOS 15, which was officially released this week,  iCloud Private Relay  aims to improve anonymity on the web by employing a dual-hop architecture that effectively shields users' IP address, location, and DNS requests from websites and network service providers. It achieves this by routing users' internet traffic on the Safari browser through two proxies in order to mask who's browsing and where that data is coming from in what could be viewed as a simplified version of Tor.  However, the feature is available only to iCloud+ subscribers running iOS 15 or macOS 12 Monterey and above. "If you read the IP address from an HTTP request received by your server, you'll get the IP address of the egress proxy," FingerprintJS researcher Se
North Korea Exploited VPN Flaw to Hack South's Nuclear Research Institute

North Korea Exploited VPN Flaw to Hack South's Nuclear Research Institute

June 18, 2021Ravie Lakshmanan
South Korea's state-run Korea Atomic Energy Research Institute (KAERI) on Friday disclosed that its internal network was infiltrated by suspected attackers operating out of its northern counterpart. The intrusion is said to have taken place on May 14 through a vulnerability in an unnamed virtual private network (VPN) vendor and involved a  total of 13 IP addresses , one of which — "27.102.114[.]89" — has been previously linked to a state-sponsored threat actor dubbed  Kimsuky . KAERI, established in 1959 and situated in the city of Daejeon, is a government-funded research institute that designs and develops nuclear technologies related to reactors, fuel rods, radiation fusion, and nuclear safety. Following the intrusion, the think tank said it took steps to block the attacker's IP addresses in question and applied necessary security patches to the vulnerable VPN solution. "Currently, the Atomic Energy Research Institute is investigating the subject of the ha
Critical Flaws Reported in Cisco VPN Routers for Businesses—Patch ASAP

Critical Flaws Reported in Cisco VPN Routers for Businesses—Patch ASAP

February 05, 2021Ravie Lakshmanan
Cisco has rolled out fixes for multiple critical vulnerabilities in the web-based management interface of Small Business routers that could potentially allow an unauthenticated, remote attacker to execute arbitrary code as the root user on an affected device. The  flaws  — tracked from CVE-2021-1289 through CVE-2021-1295 (CVSS score 9.8) — impact RV160, RV160W, RV260, RV260P, and RV260W VPN routers running a firmware release earlier than Release 1.0.01.02. Along with the aforementioned three vulnerabilities, patches have also been released for two more  arbitrary file write flaws  (CVE-2021-1296 and CVE-2021-1297) affecting the same set of VPN routers that could have made it possible for an adversary to overwrite arbitrary files on the vulnerable system. All the nine security issues were reported to the networking equipment maker by security researcher Takeshi Shiomitsu, who has previously uncovered  similar critical flaws  in RV110W, RV130W, and RV215W Routers that could be lever
Cybercriminals' Favorite Bulletproof VPN Service Shuts Down In Global Action

Cybercriminals' Favorite Bulletproof VPN Service Shuts Down In Global Action

December 22, 2020Ravie Lakshmanan
Law enforcement agencies from the US, Germany, Netherlands, Switzerland, France, along with Europol's European Cybercrime Centre (EC3), announced today the coordinated takedown of Safe-Inet, a popular virtual private network (VPN) service that was used to facilitate criminal activity. The three domains in question — insorg[.]org, safe-inet[.]com, and safe-inet[.]net — were shut down, and their infrastructure seized as part of a joint investigation called "Operation Nova." Europol called Safe-Inet a cybercriminals' " favorite ." A crucial reason for the domains' seizure has been their central role in facilitating ransomware, carrying out web-skimming, spear-phishing, and account takeover attacks. The service, which comes with support for Russian and English languages and has been active for over a decade, offered " bulletproof hosting services " to website visitors, often at a steep price to the criminal underworld. As of December 1, the 
Get Free VPN Service With New PornHub App

Get Free VPN Service With New PornHub App

May 24, 2018Wang Wei
Pornhub wants you to keep your porn viewing activities private, and it is ready to help you out with its all-new safety and privacy free VPN service. Yes, you heard that right. Adult entertainment giant Pornhub that allows porn videos download has launched its very own free VPN service today with "unlimited bandwidth" to help you keep prying eyes away from your browsing activity. Dubbed VPNhub, the VPN service by Porn Hub and developed by AppAtomic, is available for both mobile as well as desktop platform, including Android, iOS, MacOS, and Windows. VPN, or Virtual Private Network, hides IP address, allows users to transmit data anonymously, avoids ISP-level website blocking or tracking and keeps your internet connections ans browsing activity private by encrypting your data, even when you are on public Wi-Fi connections. Isn't it the great reason to use a VPN? Of course, Yes. Pornhub App Launches Fast VPN Service Like Hotspot shield and others, Pornhub&#
Secure VPN Services — Get 91% Off On Lifetime Subscriptions

Secure VPN Services — Get 91% Off On Lifetime Subscriptions

February 08, 2018The Hacker News
Since most of us rely upon the Internet for day-to-day activities, hacking and spying have become a prime concern today, and so have online security and privacy. The governments across the world have been found to be conducting mass surveillance and then there are hackers and cybercriminals who are always looking for ways to steal your sensitive and personal data from the ill-equipped networks, websites, and PCs. Even most online services and websites today collect your personal data, including search histories, location data, and buying habits, and makes millions by sharing them with advertisers and marketers. In short, we have no or very little online privacy. This is why schools, colleges, hospitals and other small and big businesses are moving towards adopting a solution that allows them to store and access their personal data securely. The solution: Virtual Private Network. Virtual Private Network, or VPN, serves as an encrypted tunnel that secures your computer's Int
Researcher Claims Hotspot Shield VPN Service Exposes You on the Internet

Researcher Claims Hotspot Shield VPN Service Exposes You on the Internet

February 07, 2018Mohit Kumar
Virtual Private Network (VPN) is one of the best solutions you can have to protect your privacy and data on the Internet, but you should be more vigilant while choosing a VPN service which truly respects your privacy. If you are using the popular VPN service Hotspot Shield for online anonymity and privacy, you may inadvertently be leaking your real IP address and other sensitive information. Developed by AnchorFree GmbH, Hotspot Shield is a VPN service available for free on Google Play Store and Apple Mac App Store with an estimated 500 million users around the world. The service promises to " secure all online activities ," hide users' IP addresses and their identities and protect them from tracking by transferring their internet and browsing traffic through its encrypted channel. However, an 'alleged' information disclosure vulnerability discovered in Hotspot Shield results in the exposure of users data, like the name of Wi-Fi network name (if conne
Online Courses and Software

Sign up for cybersecurity newsletter and get latest news updates delivered straight to your inbox daily.