Security News

Sudo apt-get install wireguard -y. Once the VPN service is installed, you're ready to configure it. Interface] Address = SERVER IP SaveConfig = true ListenPort = 51820 PrivateKey = SERVER PRIVATE KEY [Peer] PublicKey = CLIENT PUBLIC KEY AllowedIPs = CLIENT IP. Where SERVER PRIVATE KEY is the string of characters you copied to your clipboard from the server, SERVER IP is the IP address of the hosting server, CLIENT PUBLIC KEY is the client public key, and CLIENT IP is the IP address of the client.

A threat actor linked to South Korea has launched attacks against Chinese government agencies using a zero-day vulnerability affecting a local VPN service, Chinese cybersecurity firm Qihoo 360 reported on Monday. Qihoo 360 does not directly accuse South Korea of being behind the attacks, but says the threat actor is located in the Korean Peninsula and notes that its victims include North Korea.

As the Chinese government turns to virtual private networks to provide access to official resources for those working remotely amid the COVID-19 pandemic, the DarkHotel APT has seized the opportunity to target those VPNs in a zero-day attack, researchers said. According to security analysts from Chinese firm Qihoo 360, attacks began in March on a Chinese VPN provider called SangFor, used by a number of Chinese governmental agencies.

One of the easiest ways for professionals to protect their internet traffic is by using a virtual private network, or VPN. VPNs are used to create secure, remote connections to other networks or geographic locations; a computer connected to a VPN can appear to be inside of a business network or in a different part of the world. There are a lot of factors that go into choosing a good VPN service, and you can read up on choices and VPN policy at TechRepublic and our sister site ZDNet.

Here are some of the best VPNs for small enterprises to use as they try to keep business going digitally. SurfShark has fewer features than the first two VPNs on this list but may be a better option for small enterprises and businesses because it allows users to have unlimited device support, meaning you can connect as many devices as needed.

WireGuard, a new VPN protocol with both strong performance and easy setup, has been adopted by startup Tailscale as the basis of a peer-to-peer remote networking system that is both secure and quick to configure. WireGuard is an open source VPN which achieved its 1.0 release on March 30th, coinciding with the release of Linux 5.6.

"We're seeing from signals in Microsoft Threat Protection services that the attackers behind the REvil ransomware are actively scanning the internet for vulnerable systems. Attackers have also been observed using the updater features of VPN clients to deploy malware payloads," the company shared. Human-operated ransomware campaigns targeting organizations have became the prevalent type of attack that involves the use of ransomware.

Publicised by ProtonVPN, the issue is a bypass flaw caused by iOS not closing existing connections as it establishes a VPN tunnel, affecting iOS 13.3.1 as well as the latest version. A VPN app should open a private connection to a dedicated server through which all internet traffic from the device is routed before being forwarded to the website or service someone is accessing.

Not unexpectedly, enterprise VPN use has also greatly increased, and so has the use of the Remote Desktop Protocol, a popular and common means for remotely managing a computer over a network connection. The number of devices exposing RDP to the internet on standard ports has grown by 41.5 percent over the past month.

Researchers said the Apple VPN bypass bug in iOS fails to terminate all existing connections and leaves a limited amount of data unprotected, such as a device's IP address, exposing it for a limited window of time. "Most connections are short-lived and will eventually be re-established through the VPN tunnel on their own. However, some are long-lasting and can remain open for minutes to hours outside the VPN tunnel," researchers explained in a technical analysis of the flaw.