VPN

Pierluigi Paganini May 30, 2019
VPNpro research: this Chinese-linked company secretly owns 10 VPNs with 86 million installs

Innovative Connecting is actually a Chinese company that secretly owns 10 VPN products with a total of 86 million installs under its belt. Recent research by the cybersecurity experts at VPNpro shows that the popular mobile VPN developer Innovative Connecting is actually a Chinese company that secretly owns 10 VPN products with a total of […]

Pierluigi Paganini April 26, 2019
The strengths and weaknesses of different VPN protocols

One in four internet users use a VPN regularly, but how much does the average user know about what goes on behind the software? Pulling back the curtain, a VPN runs on various VPN protocols that govern the way a VPN client communicates with a VPN server. Different protocols create different ways that connect your […]

Pierluigi Paganini April 12, 2019
VPN apps insecurely store session cookies in memory and log files

At least four VPN apps sold or made available to enterprise customers share security flaws, warns the Carnegie Mellon University CERT Coordination Center (CERT/CC). Virtual private networks (VPNs) are affordable, easy to use, and a vital component in your system. Along with many security features, it ensure the user’s privacy and security. People use VPNs […]

Pierluigi Paganini November 10, 2018
VPN vs. proxy: which is better to stay anonymous online?

Most people prefer using proxies over VPN services because they are easy to use and mostly available for free, but can it be relied on for anonymity? Now and then, we get to hear news about data breaches and cyber attacks. As such, it does not come as a surprise that people are becoming more […]

Pierluigi Paganini June 06, 2018
Are Wi-Fi hotspots in World Cup Russia host cities secure?

Experts at Kaspersky Lab have evaluated the security of 32,000 public Wi-Fi hotspots in the 11 Russian cities hosting the World Cup. The upcoming soccer World Cup represents a privileged target for crooks, hackers, and nation-state actors. It is essential for organizations to take care of any aspect related to the event to protect participants, […]

Pierluigi Paganini March 28, 2018
VPN leaks users’ IPs via WebRTC. I’ve tested seventy VPN providers and 16 of them leaks users’ IPs via WebRTC (23%)

Cyber security researcher Paolo Stagno (aka VoidSec) has tested seventy VPN providers and found 16 of them leaks users’ IPs via WebRTC (23%) You can check if your VPN leaks visiting: http://ip.voidsec.com Here you can find the complete list of the VPN providers that I’ve tested: https://docs.google.com/spreadsheets/d/1Nm7mxfFvmdn-3Az-BtE5O0BIdbJiIAWUnkoAF_v_0ug/edit#gid=0 Add a comment or send me a tweet if you have […]

Pierluigi Paganini March 15, 2018
VPN leaks affect 3 Major VPN vendors, only Hotspot Shield promptly fixed it

The website VPNMentor discovered that IP leak issues in three major VPN vendors, only Hotspot Shield VPN promptly fixed it. The website VPNMentor decided to hire a group of hackers to test popular virtual private networks (VPN) for vulnerabilities that can pose risk for the users. The results of the tests revealed that the solutions evaluated by the […]

Pierluigi Paganini February 09, 2018
A Flaw in Hotspot Shield VPN From AnchorFree Can Expose Users Locations

Security expert Paulos Yibelo has discovered a vulnerability in Hotspot Shield VPN from AnchorFree that can expose locations of the users. Paulos Yibelo, a security researcher, has discovered a vulnerability that can expose users and locations around the globe compromising their anonymity and privacy. The company has about 500 million users globally. VPN services providers […]

Pierluigi Paganini December 14, 2017
FortiClient improper access control exposes users’ VPN credentials

FortiClient for Linux, Mac OSX and Windows stores encrypted VPN authentication credentials in improperly secured locations. Fortinet provided security updates for its next-generation endpoint protection FortiClient product that address a serious information disclosure vulnerability. The flaw, tracked as CVE-2017-14184, could be exploited by an attacker to obtain VPN authentication credentials. FortiClient is a powerful product that includes […]

Pierluigi Paganini October 25, 2017
DUHK Attack allows attackers recover encryption keys used to secure VPN connections and web browsing sessions

DUHK is a vulnerability that allows attackers to recover secret encryption keys used to secure VPN connections and web browsing sessions After the disclosure of the KRACK and ROCA attacks, another attack scenario scares IT community. It is the DUHK vulnerability (Don’t Use Hard-coded Keys), it is the last cryptographic implementation vulnerability that could be exploited […]