Security News
The U.S. Cybersecurity and Infrastructure Security Agency revealed today that attackers who hack Ivanti VPN appliances using one of multiple actively exploited vulnerabilities may be able to maintain root persistence even after performing factory resets. The authoring organizations encourage network defenders to assume that user and service account credentials stored within the affected Ivanti VPN appliances are likely compromised, hunt for malicious activity on their networks using the detection methods and indicators of compromise within this advisory, run Ivanti's most recent external ICT, and apply available patching guidance provided by Ivanti as version updates become available.
Is it good enough to have a free VPN? Are paid VPNs worth it? The answer, of course, depends on the VPN itself and what you plan to use it for. The three providers below offer legitimate VPN services with both free and paid plans.
At least two different suspected China-linked cyber espionage clusters, tracked as UNC5325 and UNC3886, have been attributed to the exploitation of security flaws in Ivanti Connect Secure VPN...
Speedify VPN is free for the first 2 GB per month, then you can upgrade to a paid Individuals or Families plan to gain unlimited usage and access to additional servers. Speedify VPN Free works on a single device for a single user, whereas the Individuals plan allows use on up to five devices simultaneously.
Me is a Malaysian-based VPN that offers a Free and Premium plan. Me VPN service, which allows users to connect to the VPN in 8 different server locations using a single device at a time.
The TunnelBear VPN Free version allows users to enjoy the full TunnelBear VPN service with a monthly data limit of 2GB. In comparison, the paid version provides users with two subscription options: TunnelBear Unlimited and TunnelBear Teams. Visit TunnelBear VPN. TunnelBear VPN paid plans pros and cons.
Hotspot Shield is one of a few VPN providers that offer both free and premium plans. Hotspot Shield has split tunneling in both its Basic and Premium plans, allowing users to access a public network while still being connected to a VPN server.
Suspected Chinese state-sponsored hackers leveraging Ivanti Connect Secure VPN flaws to breach a variety of organizations have demonstrated "a nuanced understanding of the appliance", according to Mandiant incident responders and threat hunters. "While the limited attempts observed to maintain persistence have not been successful to date due to a lack of logic in the malware's code to account for an encryption key mismatch, it further demonstrates the lengths UNC5325 will go to maintain access to priority targets and highlights the importance of ensuring network appliances have the latest updates and patches," Mandiant's specialists noted.
In this article, we take a look at four of the best free VPNs available today. Proton VPN: Best overall free VPN. Visit Proton VPN. Proton VPN has garnered popularity as a top pick for free VPNs, and I see why.
Two zero-day vulnerabilities have been discovered in Ivanti Secure VPN, a popular VPN solution used by organizations worldwide. The chaining of the two vulnerabilities allow any attacker to execute remote code without any authentication and compromise affected systems.