https://nvd.nist.gov/vuln/detail/CVE-2023-35838
Watching for #tunnelcrack issues with #wireguard
I hope #tailscale is watching too.
#tunnelcrack #wireguard #Tailscale
This Week in Security: TunnelCrack, Mutant, and Not Discord - Up first is a clever attack against VPNs, using some clever DNS and routing tricks... - https://hackaday.com/2023/08/18/this-week-in-security-tunnelcrack-mutant-and-not-discord/ #thisweekinsecurity #hackadaycolumns #securityhacks #tunnelcrack #mutant #apple #news
#news #apple #mutant #tunnelcrack #securityhacks #hackadaycolumns #thisweekinsecurity
Veckans podd handlar om sårbarheten Tunnelcrack. Den nyupptäckta sårbarheten är lika gammal som VPN-tekniken i sig, och alla VPN:er påverkas.
#blisaker #vpn #tunnelcrack #mullvad #proton #wifi
Looks like there's a VPN exploit called a #TunnelCrack that can allow your data to be seen by others. However, if using secured connection, like HTTPS, your data is still encrypted.
https://www.theregister.com/2023/08/10/tunnelcrack_vpn/
Sicherheitsforscher haben eine #Sicherheitsluecke entdeckt, die Daten aus dem #VPN-Tunnel umleiten und abfangen kann.
Die entdeckten Schwachstellen können unabhängig von dem vom VPN verwendeten #Sicherheitsprotokoll missbraucht werden, behaupten sie.
Zur Darstellung der Lücke, die sie #TunnelCrack nennen, haben sie eine umfangreiche Website gestartet (en).
#sicherheitsluecke #vpn #sicherheitsprotokoll #tunnelcrack
About the #tunnelcrack attack, I saw many reactions whose content was, in essence, "this attack has been known for a long time". At the same time, I see a number of #VPN vendors confirming that they are vulnerable, at least in part ( https://www.theregister.com/2023/08/10/tunnelcrack_vpn/ ), and the paper was accepted at #usenix ...
Could someone point me to a resource proving that this security "attack" had been known for a long time ?
Thanks !
(cc @vanhoefm )
#tunnelcrack #vpn #usenix #infosec #cybersecurity
SecurityOnline: TunnelCrack: Unearthing the Hidden Flaws in VPN Security https://securityonline.info/tunnelcrack-unearthing-the-hidden-flaws-in-vpn-security/ #Vulnerability #TunnelCrack #LocalNet #ServerIP
#vulnerability #tunnelcrack #localnet #serverip
SecurityOnline: TunnelCrack: Unearthing the Hidden Flaws in VPN Security https://securityonline.info/tunnelcrack-unearthing-the-hidden-flaws-in-vpn-security/ #Vulnerability #TunnelCrack #LocalNet #ServerIP
#vulnerability #tunnelcrack #localnet #serverip
SecurityOnline: TunnelCrack: Unearthing the Hidden Flaws in VPN Security https://securityonline.info/tunnelcrack-unearthing-the-hidden-flaws-in-vpn-security/ #Vulnerability #TunnelCrack #LocalNet #ServerIP
#vulnerability #tunnelcrack #localnet #serverip
@tailscale do you have any input on the recent #tunnelcrack vulnerability? https://tunnelcrack.mathyvanhoef.com
#TunnelCrack is a new #VPN exploit that can cause traffic leakage and redirection on many of the most popular providers. Check yours at the bottom of this whitepaper: https://papers.mathyvanhoef.com/usenix2023-tunnelcrack.pdf.
> Android is the most secure with roughly one-quarter of VPN apps being vulnerable
That's a pleasant surprise.
https://youtu.be/watch?v=vOawEz39yNY
https://yewtu.be/watch?v=vOawEz39yNY
https://piped.video/watch?v=vOawEz39yNY
https://tunnelcrack.mathyvanhoef.com/
https://www.kb.cert.org/vuls/id/563667
https://nvd.nist.gov/vuln/detail/CVE-2023-36672
https://nvd.nist.gov/vuln/detail/CVE-2023-35838
https://nvd.nist.gov/vuln/detail/CVE-2023-36673
https://nvd.nist.gov/vuln/detail/CVE-2023-36671
#vpn #tunnelcrack #youtube #localnetattack #serveripattack