VPN Hacks (really VPN stupidity)

Just the urls, ma'am.

VPN Hacks (really VPN stupidity)

Postby quantus » Mon Aug 26, 2019 7:48 pm

Hackers are actively trying to steal passwords from two widely used VPNs

How can places that sell security products seriously have flaws like this in their products? If someone isn't authenticated yet, why would you ever send them whatever file they ask for?

If you're an IT consulting company and you're supporting these devices, why the hell would you not recognize the severity of this and patch your clients immediately rather than waiting for them to file a ticket asking if it's been patched yet? Also, don't send an article from the day after the one already sent to you and go, oh yeah, we just read about this. Finally, it's probably not a good idea to acknowledged that the vpn vendor sent you a "your house is on fire"-style email and you ignored it.

These issues are almost exactly like the raft of bugs in ssh from a couple years ago. Did no one familiar with coding the VPN software stop to think then if they might have a similar issue?
Have you clicked today? Check status, then: People, Jobs or Roads
User avatar
quantus
Tenth Dan Procrastinator
 
Posts: 4795
Joined: Fri Jul 18, 2003 2:09 am
Location: San Jose, CA

Return to Links

Who is online

Users browsing this forum: No registered users and 1 guest

cron