This Week Health
SOAR 2024 Bluebird Leaders This Week HealthAlex's Lemonade Stand This Week Health
<- Back to Insights
May 13, 2024

Novel attack against virtually all VPN apps neuters their entire purpose

Ars Technica
|
Contributed by: Drex DeFord
Summary
Researchers have uncovered a critical vulnerability in almost all virtual private network (VPN) applications called TunnelVision, which compromises the core function of VPNs by routing some or all traffic outside of the encrypted tunnel, potentially exposing user data to interception or alteration. This attack exploits the DHCP option 121 to reroute traffic through an attacker-controlled server instead of the VPN's encrypted tunnel, affecting users on all operating systems except for Android, which is not susceptible due to its lack of implementation of option 121. Despite various mitigation strategies suggested, such as running the VPN in a virtual machine or utilizing a cellular device's Wi-Fi for internet connection, the researchers from Leviathan Security indicate that no full-proof solution exists for other operating systems, highlighting a significant security gap in current VPN technologies.

Explore Related Topics

Subscribe Now to Receive Seven Top Stories Daily to Your Inbox

Subscribe News
Healthcare Transformation, Powered by Community

© Copyright 2024 Health Lyrics All rights reserved