Watch out for rogue DHCP servers decloaking your VPN connections

May 7, 2024 at 05:59PM A vulnerability dubbed TunnelVision allows attackers to reroute VPN traffic via DHCP, potentially exposing encrypted data to snooping. VPN and OS types don’t matter, except for Android, which is safe. The researchers suggest using network namespaces and firewall-level mitigations but recognize these may not fully resolve the issue. VPN users … Read more

Attacks abuse Microsoft DHCP to spoof DNS records and steal secrets

December 7, 2023 at 05:20PM Akamai researchers found vulnerabilities in Microsoft’s Active Directory domains allowing attackers to spoof DNS records and access stored secrets without needing credentials. Despite reporting the issues, Microsoft isn’t planning repairs. Many networks are at risk, but a detection tool and mitigation advice have been provided by Akamai. **Meeting Takeaways:** 1. … Read more