Tag: VPN | Page 21

Backdoor account discovered in more than 100,000 Zyxel firewalls, VPN gateways

January 2, 2021/in Internet Security

More than 100,000 Zyxel firewalls, VPN gateways, and access point controllers contain a hardcoded admin-level backdoor account that can grant attackers root access to devices via either the SSH interface or the web administration panel.

The backdoor account, discovered by a team of Dutch security researchers from Eye Control, is considered as bad as it gets in terms of vulnerabilities.

Device owners are advised to update systems as soon as time permits.

Security experts warn that anyone ranging from DDoS botnet operators to state-sponsored hacking groups and ransomware gangs could abuse this backdoor account to access vulnerable devices and pivot to internal networks for additional attacks.

Affected modules include many enterprise-grade devices

Affected models include many of Zyxel’s top products from its line of business-grade devices, usually deployed across private enterprise and government networks.

This includes Zyxel product lines such as:

the Advanced Threat Protection (ATP) series – used primarily as a firewall
the Unified Security Gateway (USG) series – used as a hybrid firewall and VPN gateway
the USG FLEX series – used as a hybrid firewall and VPN gateway
the VPN series – used as a VPN gateway
the NXC series – used as a WLAN access point controller

Many of these devices are used at the edge of a company’s network and, once compromised, allow attackers to pivot and launch further attacks against internal hosts.

Patches are currently available only for the ATP, USG, USG Flex, and VPN series. Patches for the NXC series are expected in April 2021, according to a Zyxel security advisory.

Backdoor account was easy to discover

Installing patches removes the backdoor account, which, according to Eye Control researchers, uses the “zyfwp” username and the “PrOw!aN_fXp” password.

“The plaintext password was visible in one of the binaries on the system,” the Dutch researchers said in a report published before the Christmas 2020 holiday.

Researchers said the account had root access to the…

Source…

Worldwide VPN market to reach $75.59 billion by 2027

December 31, 2020/in Mobile Security

The global VPN market was valued at $25.41 Billion in 2019 and is projected to reach $75.59 Billion by 2027, growing at a CAGR of 14.7% from 2020 to 2027, Valuates Reports reveals.

VPN market

Major factors driving the growth of VPN market size, increase in data security concerns, rise in advanced & complex cyber threats, and an upsurge in usage of mobile & wireless devices within organizations.

This study includes the analytical depiction of the virtual private network market forecast and trends to determine the imminent investment pockets.

Trends influencing the VPN market size

The upsurge in usage of mobile and wireless devices is expected to drive the growth of the VPN market size. When more and more work transactions are performed by mobile devices, security is becoming a major concern. Mobile VPN technology and other mobile security products are considered key components as more mobile devices reach the workplace.

The VPN market size is rising as businesses implement BYOD policies to improve efficiency and reduce cost. The Private Network Tool ensures that remote staff is safely linked to corporate networks, thus shielding BYOD devices from malicious cyber-attacks.

The rise in advanced and complex cyber threats is expected to fuel the VPN market size. Cybercriminals have shown that they can easily take advantage of users communicating via hotspots or unsecured networks, although organizations have little protection against such attacks.

Hackers are actively searching for new vulnerabilities to exploit, and businesses need to be prepared for these zero-day attacks. The use of VPN and the compliance of mobile endpoint organizational policies help prevent these attacks.

COVID-19 impact on VPN market

As a result of COVID-19, businesses have already started to adjust their digital transformation priorities and concentrate on addressing shifts in network needs. VPN connections are important for workers when working remotely and are often the IT team’s first stage in enabling a virtual workforce.

For remote employees, the ability to access data at all times is critical. The ability to access the internet via improved wireless technology has allowed applications to be downloaded…

Source…

National Police Agency computer hacked 46 times through VPN : The Asahi Shimbun

December 30, 2020/in Computer Security

People working from home due to the novel coronavirus pandemic may want to think twice about consulting the National Police Agency about computer security.

The agency failed to stop hackers from breaking into one of its personal computers 46 times between August 2019 and mid-November this year, red-faced officials announced on Nov. 27.

“It’s extremely embarrassing that the NPA was successfully attacked when it should have a computer security system that is unbreachable,” a high-ranking NPA official said.

The breach revolved around the virtual private network (VPN) the agency provides to outside companies that it has dealings with. VPN devices have been in wide use by those working from home because they are used to connect to company computer networks.

The hacking at the NPA stemmed from the theft of IDs and passwords to access the VPN.

The hacked computer was used to exchange contract-related data with outside companies. The VPN allowed those companies to directly access the NPA computer.

NPA officials are confident that the data was not leaked because all exchanges are deleted from the computer after an exchange over a specific contract is concluded.

NPA officials said they learned about the breach from officials at the Metropolitan Police Department.

Since mid-November, a hacking group had posted a list of about 50,000 VPN devices, including the one used by the NPA, on a bulletin board site. Sources said someone tipped off the Metropolitan Police Department about the list and those officials in turn informed the NPA.

The Asahi Shimbun analyzed the list with the help of outside experts and found 5,600 IP addresses in Japan were on it. The number was second only to the 7,700 or so IP addresses in the United States.

Identifying the organizations possessing the IP addresses led to small businesses, local governments and educational institutions in Japan.

One of the educational institutions was Sapporo University in Hokkaido, which on Dec. 4 announced that the ID information of nine employees had been stolen by hackers.

The VPN devices on the list were all manufactured by Fortinet of the United States. In May 2019, the company announced a…

Source…

Does Nord VPN Provides Fast & Secure VPN Service? By Joll of News

December 28, 2020/in Internet Security

Does Nord VPN Provides Fast & Secure VPN Service?

NordVPN is a virtual private network (VPN) service provider. It has desktop applications for Windows, macOS, and Linux, mobile apps for Android and iOS

New York City, NY, Dec. 27, 2020 (GLOBE NEWSWIRE) — Sending and receiving digital information has become indispensable in almost everybody’s daily routine. It is estimated that around 4.5 billion people access the Internet each month. However, most people are concerned about online privacy and security. An extra layer of protection is important when transferring confidential and private data, and it is logical that online security is the top priority for most users. A VPN serves as a personal and secured internet express lane, where the user gets connected to the destination through a private encrypted tunnel. That’s why it’s called Virtual Private Network (1).

MUST SEE: “Shocking New NordVPN Report – This May Change Your Mind

Need for a Private and Secured Network

As global digital literacy rates increase day by day, the number of people accessing the Internet is also growing exponentially. Phishing, hacking and online frauds are some issues that people come across. Slow speed and poor internet signals are few other common internet issues. That’s when the VPN helps. Virtual Private Network is a confidential internet connection that securely encrypts and transmits information for online users. Using a VPN to get connected to the Internet allows people to surf websites in protected mode. VPNs claim to provide private and safe access to restricted websites too (2). It ultimately shields the user’s online activity from prying eyes on open Wi-Fi. Internet speed is also important and the NordVPN service provider is an established name in this realm. It provides a fast and secured web life by protecting internet traffic without bogging down the internet speed. This review looks at how NordVPN works.

About NordVPN

Untrustworthy Wi-Fi hotspots could cause a lot of harm to online users. Some VPNs can…

Source…

Tag Archive for: VPN

Affected modules include many enterprise-grade devices

Backdoor account was easy to discover

Trends influencing the VPN market size

COVID-19 impact on VPN market

Does Nord VPN Provides Fast & Secure VPN Service?