Category Archives: VPN

ProtonMail Announces Secure VPN Application for macOS

ProtonMail encoded email service provider announced on Wednesday last the convenience of a Virtual Private Network – VPN service for users of macOS. The VPN service appreciated a wider launch on Windows previous year primarily introduced for certain of its paid ProtonMail users in 2017 and similarly attained on Android this year in January 2018. Previous year, the CERN-founded firm also announced a Tor hidden service and an encoded contacts manager.

Continue reading

Terrible, Absolute Ten-Rated Flaw Smashes Cisco VPNs

A user interface programming error in Cisco VPN software has generated a serious vulnerability smashing ten diverse Adaptive Security Appliance and Firepower Threat Defense Software products.

The critical flaw scores a seamless ten CVSS rating and is existing in the products’ SSL VPN capable of serving. That’s unpleasant news for the reason that if you’re consuming the VPN, the interface has to be made accessible to the Internet. If you’re occurring by chance, a cyberpunk might simply prompt a reload and denial-of-service attack.

From Switchzilla’s advisory: “The vulnerability is due to an attempt to double free a region of memory when the webvpn feature is enabled on the Cisco ASA device. An attacker could exploit this vulnerability by sending multiple, crafted XML packets to a webvpn-configured interface on the affected system.”

The issue marks the 3000 series industrial firewall, the ASA 5500 and 5500-X firewalls, a firewall module for Catalyst 6500 switches and 7600 Series routers, the simulated ASA 1000V and ASAv products, three Firepower appliances (2100, 4110, and the 9300 ASA module), and the Firepower Thread Defense (FTD) Software.

The flaw was announced in Firepower Threat Defense 6.2.2, which presented the distant acquire VPN attribute, Cisco said. FTD 6.2.2 was announced last year in September. Patches for both the Adaptive Security Appliance software and Firepower Threat Defense software are obtainable; if you own a Cisco service a binding agreement, or your reseller can deliver the fixes. If not, you will have to inquire the Cisco Technical Assistance Center indeed pleasantly.