Connect with us

Cyber Security

What is a VPN and how does it work?

Avatar

Published

on

What is a VPN and how does it work

VPN stands for ‘Virtual Private Network’ which defines the possibility, by using public networks, to create a secure network link. VPNs encrypt your traffic on the internet and mask your name online. This makes monitoring the actions online and stealing data more complicated for third parties. In real time, the encryption takes place.

Table of Contents

How does a VPN function?

By making the network route it into a specially built remote server operated by a VPN host, a VPN masks your IP address. This suggests that the VPN server becomes the root of your data whenever you browse online using a VPN. This suggests that the Internet Service Provider (ISP) and other third parties are unable to see which websites you are accessing or what details you are transmitting and receiving online. “A VPN functions like a filter that turns “gibberish” on all your results. It would be pointless even if anyone were to get their hands on your records, too.

What advantages would a VPN connection have?

A VPN link disguises the online data traffic and defends it from external access. Everyone who has network connectivity and wants to see it will see unencrypted info. Hackers and cyber criminals can’t decode this knowledge with a VPN.

    • Safe encryption: You need an encryption key to read the details . Without one, in the case of a brute force attack, it will take millions of years for a machine to decode the message . With the aid of a VPN, also on public networks, the online behaviors are covered.
    • Disguising your whereabouts: On the Internet, VPN servers practically operate as your proxies. Although the data for the demographic location comes from a server in another world, it is not possible to determine the exact location. Furthermore, most VPN providers do not store logs of your operations. Some providers, on the other hand, monitor your actions, but do not pass this information on to third parties. This ensures that every future trace of the actions of your customer stays forever concealed.
    • Links to regional content: It is not always easy to access regional web content from anywhere. There is also content on services and websites that can only be viewed from some areas of the world. In order to decide your location, standard connections use local servers in the region. This ensures that, when driving, you can not access content at home, and you can not access foreign content from home. With VPN location spoofing, you can move to another nation on a server and change your location efficiently.
    • Safe data transfer: You can need to view sensitive files on your company’s network if you operate remotely. This sort of information involves a safe link for security purposes. A VPN connection is also necessary to obtain access to the network. To reduce the chance of data loss, VPN services link to private servers and use encryption methods.

Why can a VPN link be used?

When you connect to the internet, your ISP normally sets up your links. Via an IP address, it watches you. Your network traffic is routed through the servers of your ISP, which can monitor and view everything you do online.

Your ISP may seem trustworthy, but with advertisers, the police or government, and/or other third parties, it might share your browsing history. ISPs will also become prey to cyber hackers’ attacks: the personal and private data can be stolen if they are hacked.

This is highly relevant if you connect to public Wi-Fi networks daily. You never know who, like passwords, personal records, payment information, or even your entire identity, might be watching your internet traffic and what they might take from you.

What is a good VPN intended to do?

To perform one or more functions, you can focus on your VPN. The VPN itself should be safeguarded from compromise as well. Based on our research, a recent trending VPNSurfers do a better job in terms of security.

These are the characteristics of a robust VPN solution that you can expect:

    • Your IP address encryption: Protecting your IP address from your ISP and other third parties is the primary activity of a VPN. This helps you to send and receive online information without the possibility of seeing it from anyone but you and the VPN provider.
    • Protocol encryption: A VPN can also prohibit you from leaving traces in the form of internet history, search history and cookies, for example. Cookie security is highly important because it prohibits third parties from having access to sensitive information on websites, such as personal data, financial information and other material.
    • Kill switch: Your stable link will also be broken if your VPN connection is abruptly disrupted. This abrupt downtime can be observed and preselected programs can be terminated by a successful VPN, minimizing the risk that data is damaged.
    • Two-factor authentication: A powerful VPN tests anyone who wants to log in by using a number of authentication methods. You can be asked to enter a password, for instance, in which a code is sent to your mobile device. This makes access to your safe link impossible for uninvited third parties.

About the past of VPNs

There has been a campaign to protect and encrypt internet browser data since humans have been using the internet. Back in the 1960s, the US Department of Defense was still interested in programs focusing on encrypting Internet correspondence data.

The VPN Ancestors

Their activities led to the formation of the packet switching network ARPANET (Advanced Research Projects Agency Network), which in turn led to the creation of the Transport Control Protocol/Internet Protocol (TCP/IP).

There were four layers for the TCP/IP: connection, internet, transportation and application. Local networks and computers could be interconnected to the universal network at the internet level, and this was where the possibility of exposure became apparent. A team from Columbia University and AT&T Bell Labs ultimately succeeded in developing a kind of first version of the current VPN in 1993, known as swIPe: IP encryption protocol program.

In the following year, Wei Xu created the IPSec network, a protocol for internet protection that authenticates and encrypts online shared knowledge packets. A Microsoft worker called Gurdeep Singh-Pall developed a peer-to-peer tunneling protocol in 1996. (PPTP).

Early VPNs Over

The internet rose in popularity alongside Singh-creation Pall’s of PPTP, and the need for consumer-ready, advanced security systems arose. Anti-virus systems were also successful at the time in stopping a computer device from being compromised with ransomware and spyware. However, individuals and enterprises have since begun to demand encryption tools that could mask their internet browsing background.

Therefore, the first VPNs began in the early 2000s, but were almost solely used by businesses. The user demand for VPNs, however, began to pick up after a flood of security breaches, especially in the early 2010s.

VPNs and the current use of them

The number of VPN users worldwide grew more than fourfold between 2016 and 2018, according to the Global WebIndex. One in five internet users uses a VPN in countries like Thailand, Indonesia and China, where internet access is limited and censored. The proportion of VPN users in the USA, Great Britain and Germany is around 5 percent smaller, but it is rising.

The rising market for content with regional connectivity constraints has become one of the greatest drivers for VPN adoption in recent years. Video subscription sites such as Netflix or YouTube, for instance, allow those content only accessible in certain countries. You can encrypt your IP address with contemporary VPNs so that you seem to be browsing from another country, allowing you to access this content from anywhere.

Here’s how to surf with a VPN safely.

Your surfing activity is encrypted by a VPN that can only be decoded with the aid of a key. This key is known only to your machine and the VPN, so your ISP does not remember where you are surfing. Different VPNs use different processes of encryption, but usually operate in three steps:

Start your VPN until you are online. The VPN works between you and the internet as a safe tunnel. This tunnel can’t be seen by the ISP and other third parties.

Your computer is now on the VPN’s local network, and you can update your IP address to the IP address given by the VPN server.

As the VPN preserves all your personal info, you can now browse the internet at will.

What kind of VPNs are available?

There are several different kinds of VPNs, but the three key forms should surely be familiar to you:

VPN SSL

Not all company staff also have access to a corporate machine that they can use to operate from home. During the Spring 2020 corona crisis, many enterprises faced the issue of not providing adequate equipment for their workers. The use of a private computer (PC, desktop, smartphone, cell phone) is also seen in such situations. Companies fell back on an SSL-VPN approach in this situation, which is typically deployed via the required hardware package.

Typically, the requirement is an HTML-5-capable browser which is used to pull up the login page of the business. For practically any operating system, HTML-5 capable browsers are available. Control is protected with a password and username.

VPN Site-to-site

In essence, a site-to-site VPN is a private network built to mask private intranets and allow users of these protected networks to access services from each other.

If you have several sites in your enterprise, each with its own local area network (LAN) connecting to the WAN, a site-to-site VPN is beneficial (Wide Area Network). Site-to-site VPNs are also handy if you have two different intranets between which you want to send files without directly accessing the other from one intranet without users.

In large businesses, site-to-site VPNs are primarily used. They are difficult to implement and do not have the same functionality as VPNs for SSL. However, inside and between large departments, they are the most reliable way to maintain coordination.

VPN Client-to-Server

It is easy to envision connecting with a VPN client as if you were connecting your home PC to the enterprise via an extension cable. Via the safe link, workers can dial into the company network from their home office and behave as if they were seated in the office. A VPN client, however, must be installed and setup on the machine first.

This includes the user being not wired by his own ISP to the internet, but establishing a direct link via his/her VPN provider. This effectively shortens the VPN journey’s tunnel period. The VPN will automatically encrypt the data until it is made available to the user, instead of using the VPN to create an encryption tunnel to mask the actual Internet link.

This is an increasingly prevalent mode of VPN, which is especially beneficial for vulnerable public WLAN providers. It protects the network link from being hacked and compromised by third parties and encrypts data all the way to the provider. It also prohibits ISPs from accessing data that stays unencrypted for any reason and bypasses all limitations on internet connectivity by the consumer (for instance, if the government of that country restricts internet access).

Greater reliability and universal access to business services is the value of this form of VPN access. For example, if an adequate telephone system is available, the employee will connect to the system with a headset and behave as if he or she is at the office of their business. For starters, the company’s clients can not even say if the worker is in the company or in their home office at work.

How can I use my computer to mount a VPN?

It is important to be familiar with the various deployment methods prior to installing a VPN:

User VPNs

For standalone VPN clients, applications must be installed. This package is designed to satisfy the endpoint specifications. The endpoint executes the VPN connection while setting up the VPN and links to the other endpoint, forming the encryption tunnel. In businesses, this move normally includes entering a password provided by the company or downloading a suitable certificate. The firewall will understand that this is an acceptable link with the use of a password or certificate. The worker then, by way of qualifications known to him/her, distinguishes him/herself.

Extensions of Browsers

For most web browsers, such as Google Chrome and Firefox, VPN plugins may be added. Some browsers also have their own embedded VPN extensions, like Opera. Extensions make it easy for users when browsing the internet to easily turn and customize their VPN. The VPN link, however, is only true for the information exchanged by this browser. The VPN cannot encrypt the use of other browsers and other internet uses beyond the browser (e.g. video games).

Although browser extensions are not as robust as VPN clients, for occasional internet users who want an extra layer of internet security, they can be an acceptable alternative. They have proved to be more vulnerable to offences, though. As data harvesters can try to use fake VPN extensions, users are also recommended to choose a reputable extension. The processing of personal data, such as what marketing strategists use to build a personal profile of you, is data collection. Advertising content is then targeted to you individually.

VPN for Router

If the same internet link is attached to several computers, it could be better to implement the VPN directly on the router than to add a different VPN on each device. When you want to secure devices with an internet link that are not simple to install, such as smart TVs, a router VPN is particularly helpful. Via your home entertainment systems, they can also help you access geographically limited content.

A router VPN is simple to install, still provides protection and privacy, and protects the network from being hacked when vulnerable devices log in. However, if your router doesn’t have its own user interface, it might be more difficult to handle. This will contribute to the blockage of incoming connections.

VPN to Business

A VPN for a business is a tailored solution that needs customized configuration and technical support. The VPN is typically created by the IT team of the organization for you. As a customer, the VPN itself has no managerial control and your operations and data transfers are logged by your organization. This helps the enterprise to reduce the possible risk of data leakage. A fully protected access to the company’s intranet and server is the biggest benefit of a corporate VPN, even for workers who work outside the company on their own Internet connection.

Can I even use a VPN my smartphone or PC?

Yeah, smartphones and other Internet-connected devices have a range of VPN options. When you use it to store payment information or other personal details or even simply to browse the internet, a VPN may be important for your mobile computer.

Really, is a VPN so safe?

It is important to remember that VPNs are not like robust anti-virus software that works. Although they secure your IP and encrypt your internet history, your machine is not shielded from outside access by a VPN link. Since it would not protect you from Trojans, worms, bots or other malware by running a VPN on its own.

Once the malware has made its way into your computer, whether you are running a VPN or not, it will steal or destroy your data. Therefore, to ensure optimal security, it is critical that you use a VPN along with a robust anti-virus software.

Choosing a reliable VPN provider

It is also important for you to select a VPN provider you can trust. Although your internet traffic can not be seen by your ISP, your VPN provider can. If you’re compromised by your VPN service, so are you. For this purpose, to ensure both the concealment of your internet activities and ensure the highest degree of protection, it is important that you select a trustworthy VPN provider.

How to install VPN connection?

There are also VPN connections for Android smartphones and iPhones, as already stated. Fortunately, VPN services for smartphones are simple to use and usually include the following:

    • Generally, the installation phase installs only one app from the iOS App Store or Google Play Store. While free VPN providers exist, when it comes to protection, it’s prudent to select a skilled provider.
    • The configuration is incredibly user-friendly, since the default settings are already configured more for the average smartphone user. Only log in to your account. Most applications will then direct you through the VPN services’ main functions.
    • For certain VPN applications, flipping on the VPN practically acts like a light switch. The choice would possibly be found directly on the home screen.
    • If you want to fake your location, server switching is normally performed manually. From the bid, simply select the desired country.
    • For users needing a greater degree of data security, advanced configuration is available. You can also pick other protocols for your form of encryption, based on your VPN. In your smartphone, diagnostics and other functionality may also be available. To choose the best VPN for your needs, read about these features before you subscribe.
    • All you have to do is first enable the VPN connection via the app, in order to browse the internet securely from now on.

But keep the following in mind: A VPN is just as secure as the provider’s data use and storage policies. Note that your data is transferred to their servers through the VPN provider and these servers communicate on your behalf over the internet. Make sure that it is transparent for what reason these records are stored whether they store data logs.

Note that it encrypts only internet info. There will be no delivery over the internet of something that does not use a cellular or Wi-Fi service. As a consequence, your VPN can not encrypt your regular voice calls or emails.

Source: https://cybersguards.com/what-is-a-vpn-and-how-does-it-work/

AI

SolarWinds Hackers Targeted Cloud Services as a Key Objective 

Avatar

Published

on

The SolarWinds attackers appear to have as a primary objective the compromise the authentication method for cloud services, with far-reaching implications. (Credit: Getty Images).   

By John P. Desmond, AI Trends Editor 

The SolarWinds hackers appeared to have targeted cloud services as a key objective, potentially giving them access to many, if not all, of an organization’s cloud-based services.  

Christopher Budd, independent security expert

This is from an account in GeekWire written by Christopher Budd, an independent security consultant who worked previously in Microsoft’s Security Response Center for 10 years.  

“If we decode the various reports and connect the dots we can see that the SolarWinds attackers have targeted authentication systems on the compromised networks, so they can log in to cloud-based services like Microsoft Office 365 without raising alarms,” wrote Budd. “Worse, the way they’re carrying this out can potentially be used to gain access to many, if not all, of an organization’s cloud-based services.”  

The implication is that those assessing the impact of the attacks need to look not just at their own systems and networks, but also at their cloud-based services for evidence of compromise. And it means that defending against attacks means increasing the security and monitoring of cloud services authentication systems, “from now on.”  

Budd cited these key takeaways: 

  • After establishing a foothold in a network, the SolarWinds attackers target the systems that issue proof of identity used by cloud-based services; and they steal the means used to issue IDs; 
  • Once they have this ability, they are able to create fake IDs that allow them to impersonate legitimate users, or create malicious accounts that seem legitimate, including accounts with administrative access;  
  • Because the IDs are used to provide access to data and service by cloud-based accounts, the attackers are able to access data and email as if they were legitimate users.

SAML Authentication Method for Cloud Services Seen Targeted 

Cloud-based services use an authentication method called Security Assertion Markup Language (SAML), which issues a token that is “proof” of the identity of a legitimate user to the services. Budd ascertained, based on a series of posts on the Microsoft blog, that the SAML service was targeted. While this type of attack was first seen in 2017, “This is the first major attack with this kind of broad visibility that targets cloud-based authentication mechanisms,” Budd stated. 

In response to a question Budd asked Microsoft, on whether the company learned of any vulnerabilities that led to this attack, he got this response: “We have not identified any Microsoft product or cloud service vulnerabilities in these investigations. Once in a network, the intruder then uses the foothold to gain privilege and use that privilege to gain access.” 

A response from the National Security Administration was similar, saying the attackers, by “abusing the federated authentication,” were not exploiting any vulnerability in the Microsoft authentication system, “but rather abusing the trust established across the integrated components.” 

Also, although the SolarWinds attack came through a Microsoft cloud-based service, it involved the SAML open standard that is widely used by vendors of cloud-based services, not just Microsoft. “The SolarWinds attacks and these kinds of SAML-based attacks against cloud services in the future can involve non-Microsoft SAML-providers and cloud service providers,” Budd stated. 

American Intelligence Sees Attack Originating with Russia’s Cozy Bear 

American intelligence officials believe the attack originated from Russia. Specifically, according to a report from The Economist, the group of attackers known as Cozy Bear, thought to be part of Russia’s intelligence service, were responsible. “It appears to be one of the largest-ever acts of digital espionage against America,” the account stated.  

The attack demonstrated “top-tier operational tradecraft,” according to FireEye, a cyber-security firm that also was itself a victim.  

America has tended to categorize and respond to cyber-attacks happening over the last decade according to the aims of the attackers. It has regarded intrusions intended to steal secretsold-fashioned espionageas fair game that the US National Security Agency is also engaged in. But attacks intended to cause harm, such as the North Korea assault on Sony Pictures in 2014, or China’s theft of industrial secrets, are viewed as crossing a line, the account suggested. Thus, sanctions have been imposed on many Russian, Chinese, North Korean and Iranian hackers.   

The Solar Winds attack seems to have created its own category. “This effort to stamp norms onto a covert and chaotic arena of competition has been unsuccessful,” the Economist account stated. “The line between espionage and subversion is blurred.”  

One observer sees that America has grown less tolerant of “what’s allowed in cyberspace” since the hack of the Officer of Personnel Management (OPM) in 2015. That hack breached OPM networks and exposed the records of 22.1 million related to government employees, others who had undergone background checks, and friends and family. State-sponsored hackers working on behalf of the Chinese government were believed responsible.   

“Such large-scale espionage “would be now at the top of the list of operations that they would deem as unacceptable,” stated Max Smeets of the Centre of Security Studies in Zurich. 

“On-Prem” Software Seen as More Risky 

The SolarWinds Orion product is installed “on-prem,” meaning it is installed and run on computers on the premises of the organization using the software. Such products carry security risks that IT leadership needs to carefully evaluate, suggested a recent account in eWeek 

William White, security and IT director, BigPanda

The SolarWinds attackers apparently used a compromised software patch to gain entry, suggested William White, security and IT director of BigPanda, which offers AI software to detect and analyze problems in IT systems. “With on-prem software, you often have to grant elevated permissions or highly privileged accounts for the software to run, which creates risk,” he stated.    

Because the SolarWinds attack was apparently executed through a software patch, “Ironically, the most exposed SolarWinds customers were the ones that were actually diligent about installing Orion patches,” stated White.  

Read the source articles in GeekWirefrom The Economist and in eWeek.

Source: https://www.aitrends.com/security/solarwinds-hackers-targeted-cloud-services-as-a-key-objective/

Continue Reading

Cyber Security

Tax Season Ushers in Quickbooks Data-Theft Spike

Avatar

Published

on

The administrator of your personal data will be Threatpost, Inc., 500 Unicorn Park, Woburn, MA 01801. Detailed information on the processing of personal data can be found in the privacy policy. In addition, you will find them in the message confirming the subscription to the newsletter.

Source: https://threatpost.com/tax-quickbooks-data-theft/164253/

Continue Reading

Cyber Security

Mozilla Patches Bugs in Firefox, Now Blocks Cross-Site Cookie Tracking

Avatar

Published

on

The administrator of your personal data will be Threatpost, Inc., 500 Unicorn Park, Woburn, MA 01801. Detailed information on the processing of personal data can be found in the privacy policy. In addition, you will find them in the message confirming the subscription to the newsletter.

Source: https://threatpost.com/mozilla-firefox-bugs-cookie-tracking/164246/

Continue Reading

Cyber Security

VMWare Patches Critical RCE Flaw in vCenter Server

Avatar

Published

on

The administrator of your personal data will be Threatpost, Inc., 500 Unicorn Park, Woburn, MA 01801. Detailed information on the processing of personal data can be found in the privacy policy. In addition, you will find them in the message confirming the subscription to the newsletter.

Source: https://threatpost.com/vmware-patches-critical-rce-flaw-in-vcenter-server/164240/

Continue Reading
NEWATLAS2 hours ago

NIH study confirms SARS-CoV-2 reinfections are relatively rare

NEWATLAS3 hours ago

Land Rover drops a V8 into fastest, most powerful Defender ever

AI3 hours ago

Using container images to run TensorFlow models in AWS Lambda

AI3 hours ago

IBM Reportedly Retreating from Healthcare with Watson 

AI3 hours ago

SolarWinds Hackers Targeted Cloud Services as a Key Objective 

AI3 hours ago

RAND Corp. Finds DoD “Significantly Challenged” in AI Posture 

AI3 hours ago

Tesla Working on Full Self-Driving Mode, Extending AI Lead 

Bioengineer4 hours ago

UM scientists achieve breakthrough in culturing corals and sea anemones cells

Bioengineer4 hours ago

CAR T-cell therapy generates lasting remissions in patients with multiple myeloma

AI4 hours ago

Asimov’s Three Laws Of Robotics And AI Autonomous Cars 

Bioengineer4 hours ago

Bearded seals are loud — but not loud enough

Bioengineer4 hours ago

Study finds human-caused North Atlantic right whale deaths are being undercounted

Nano Technology4 hours ago

A speed limit also applies in the quantum world: Study by the University of Bonn determines minimum time for complex quantum operations

180-degree-capital-corp-reports-6-7-growth-in-q4-2020-9-28-net-asset-value-per-share-as-of-december-31-2020-and-developments-from-q1-2021-including-expected-investment-in-a-planned-spac-sponsor.gif
Nano Technology4 hours ago

180 Degree Capital Corp. Reports +6.7% Growth in Q4 2020, $9.28 Net Asset Value per Share as of December 31, 2020, and Developments from Q1 2021 Including Expected Investment in a Planned SPAC Sponsor

cea-leti-dolphin-design-report-fd-soi-breakthrough-that-boosts-operating-frequency-by-450-and-reduces-power-consumption-by-30-joint-paper-presented-at-isscc-2021-shows-how-new-adaptive-back-biasing.jpg
Nano Technology4 hours ago

CEA-Leti & Dolphin Design Report FD-SOI Breakthrough that Boosts Operating Frequency by 450% and Reduces Power Consumption by 30%: Joint Paper Presented at ISSCC 2021 Shows How New Adaptive Back-Biasing Technique Overcomes Integration Limits in Chip Design Flows

Amb Crypto4 hours ago

Global crypto population surpasses 100 million; Boomers and Gen X now ‘keen on Bitcoin’

Bioengineer4 hours ago

New shape-changing 4D materials hold promise for morphodynamic tissue engineering

Bioengineer4 hours ago

Parker Solar Probe offers stunning view of Venus

NEWATLAS5 hours ago

Barley growing conditions found to affect whisky characteristics

Energy5 hours ago

Energy Transition Jobs: PG&E, Nexus Power Group, Breakthrough Energy Ventures, and more

Cyber Security5 hours ago

Tax Season Ushers in Quickbooks Data-Theft Spike

Bioengineer5 hours ago

Embracing our excremental selves

Bioengineer6 hours ago

Over 80% of Atlantic Rainforest remnants have been impacted by human activity

Bioengineer6 hours ago

‘Miracle poison’ for novel therapeutics

Cyber Security6 hours ago

Mozilla Patches Bugs in Firefox, Now Blocks Cross-Site Cookie Tracking

Bioengineer6 hours ago

Rediscovered journal brings unique perspective on Atlantic slave trade

SPACS6 hours ago

Video: The Case for Why Clover Health Stock is Headed to Zero

Amb Crypto6 hours ago

Why Cardano’s price recovery is more organic than reflexive

Bioengineer6 hours ago

Strengthened by chaos, new super-hard materials will stir steel together

Automotive7 hours ago

SpaceX rapidly builds, tests Starship Moon elevator for NASA

Trending