#VirtualPrivateNetwork

Don’t Forget to Report a Breach: A Cautionary Tale

by

June 28, 2024 at 09:18AM ICE faced a $10 million fine from the SEC for delaying reporting a VPN breach, violating compliance requirements. No clear reason for the delay was provided. The case highlights risks of bypassing compliance for quick response, showing cybersecurity’s broad business impact and insurance implications. Boards are urged to ask better … Read more

New TunnelVision Attack Allows Hijacking of VPN Traffic via DHCP Manipulation

by

May 9, 2024 at 02:46PM TunnelVision is a newly detailed VPN bypass method, assigned CVE identifier CVE-2024-3661, impacting operating systems with DHCP client support. This decloaking technique enables attackers to reroute and potentially inspect VPN traffic. With significant implications for various OSs and VPN tools, mitigating measures include implementing DHCP snooping and ARP protections. The … Read more