New ‘TunnelVision’ Technique Leaks Traffic From Any VPN System

May 8, 2024 at 10:01AM A new VPN bypass technique, TunnelVision, manipulates DHCP route tables to force traffic off the VPN tunnel, allowing threat actors to snoop on and manipulate network traffic. Exploiting a DHCP design flaw, it does not depend on compromising the DHCP server. Leviathan Security Group recommends mitigation strategies to VPN providers … Read more

Watch out for rogue DHCP servers decloaking your VPN connections

May 7, 2024 at 05:59PM A vulnerability dubbed TunnelVision allows attackers to reroute VPN traffic via DHCP, potentially exposing encrypted data to snooping. VPN and OS types don’t matter, except for Android, which is safe. The researchers suggest using network namespaces and firewall-level mitigations but recognize these may not fully resolve the issue. VPN users … Read more

New attack leaks VPN traffic using rogue DHCP servers

May 7, 2024 at 02:53PM “TunnelVision” is a new attack that bypasses VPN encryption, allowing attackers to intercept unencrypted traffic while appearing secure. Exploiting a flaw in DHCP, attackers set up a rogue server to alter routing and snoop on VPN traffic. The vulnerability affects various operating systems. Mitigation strategies include using network namespaces, denying … Read more