Ransomware gang creates tool to automate VPN brute-force attacks

The Black Basta ransomware operation created an automated brute-forcing framework dubbed 'BRUTED' to breach edge networking devices like firewalls and VPNs.

https://www.bleepingcomputer.com/news/security/black-basta-ransomware-creates-automated-tool-to-brute-force-vpns/

Massive expansion of Italy’s Piracy Shield underway despite growing criticism of its flaws

Walled Culture has been following closely Italy’s poorly-designed Piracy Shield system. Back in December we reported how copyright companies used their access to the Piracy Shield system to order Italian Internet service providers (ISPs) to block access to all of Google Drive for the entire country, and how malicious actors could similarly use that unchecked power to shut down critical […]

#agcom #audiovisual #blocking #ccia #computer #copyright #costs #critical #deIndex #dns #DNSs #domains #DSA #elisaGiomi #eu #film #football #google #IP #ISPs #italy #linear #network #piracyShield #reporters #serietv #singleMarket #tris #tv #vpns #wipo

https://walledculture.org/massive-expansion-of-italys-piracy-shield-underway-despite-growing-criticism-of-its-flaws/

Three "strategies" by which #websites with a just cause are shooting themselves in the foot:

1. #Captchas – decreasing accessibility
2. Blocking access via the #Tor network and #VPNs – preventing people from bypassing censorship and surveillance
3. Restricting #RSS subscriptions to desktop clients – preventing self-hosting of aggregators, and cross-device synchronization of read status

It both sucks and hurts to see more and more of this, over time.

The effort poured into building VPNs far exceeds what it would take to fix the fundamental privacy and security flaws in internet protocols—eliminating the need for VPNs altogether. Instead of addressing the root cause, we keep investing in workarounds rather than solving the real problem. It’s time to rethink our approach.

As AI agents become ubiquitous, expect the copyright industry to try to turn them against you

One of the many interesting aspects of the new wave of artificial intelligence systems is that with them, copyright has moved from the fringe to centre stage. There are continuing debates about what role copyright should play in the world of generative AI, not to mention various lawsuits asking the courts to rule on that question. Those debates and lawsuits have been about two aspects of AI: […]

#agentic #agents #ai #apple #backdoors #cloudComputing #control #eu #filtering #france #generativeAi #HADOPI #italy #llms #matthewGreen #personalAssistant #piracyShield #privacy #uk #vpns

https://walledculture.org/as-ai-agents-become-ubiquitous-expect-the-copyright-industry-to-try-to-turn-them-against-you/

"It’s time to expand encryption on Android and iPhone. With governments around the world engaging in constant attacks on user’s digital rights and access to the internet, removing glaring and potentially dangerous targets off of people’s backs when they use their mobile phones is more important than ever.

So far we have seen strides for at least keeping messages private on mobile devices with end-to-end encrypted apps like Signal, WhatsApp, and iMessage. Encryption on the web has been widely adopted. We even declared in 2021 that “HTTPS Is Actually Everywhere.” Most web traffic is encrypted and for a website to have a reputable presence with browsers, they have to meet certain requirements that major browsers enforce today. Mechanisms like certificate transparency, Cross-origin resource sharing (CORS) rules, and enforcing HTTPS help prevent malicious activity happening to users every day.

Yet, mobile has always been a different and ever expanding context. You access the internet on mobile devices through more than just the web browser. Mobile applications have more room to spawn network requests in the app without the user ever knowing where and when a request was sent. There is no “URL bar” to see the network request URL for the user to see and check. In some cases, apps have been known to “roll their own” cryptographic processes outside of non-standard encryption practices."

https://www.eff.org/deeplinks/2025/02/closing-gap-encryption-mobile

#GooglePlay now flags verified #VPNs with #privacy badges. #Google

https://gadgetbond.com/google-play-vpn-verified-privacy-badges/

Backdoor infecting VPNs used “magic packets” for stealth and security - When threat actors use backdoor malware to gain access to a network, they ... - https://arstechnica.com/security/2025/01/backdoor-infecting-vpns-used-magic-packets-for-stealth-and-security/ #magicpackets #backdoors #security #juniper #biz⁢ #vpns

"Within this context, it is no surprise that Google searches for VPNs in Florida have skyrocketed. But as more states and countries pass age verification laws, it is crucial to recognize the broader implications these measures have on privacy, free speech, and access to information. While VPNs may be able to disguise the source of your internet activity, they are not foolproof—nor should they be necessary to access legally protected speech.

A VPN routes all your network traffic through an "encrypted tunnel" between your devices and the VPN server. The traffic then leaves the VPN to its ultimate destination, masking your original IP address. From a website's point of view, it appears your location is wherever the VPN server is. A VPN should not be seen as a tool for anonymity. While it can protect your location from some companies, a disreputable VPN service might deliberately collect personal information or other valuable data. There are many other ways companies may track you while you use a VPN, including GPS, web cookies, mobile ad IDs, tracking pixels, or fingerprinting.

With varying mandates across different regions, it will become increasingly difficult for VPNs to effectively circumvent these age verification requirements because each state or country may have different methods of enforcement and different types of identification checks, such as government-issued IDs, third-party verification systems, or biometric data. As a result, VPN providers will struggle to keep up with these constantly changing laws and ensure users can bypass the restrictions, especially as more sophisticated detection systems are introduced to identify and block VPN traffic."

https://www.eff.org/deeplinks/2025/01/vpns-are-not-solution-age-verification-laws

The Best #VPNs to Protect Yourself Online

https://www.wired.com/story/best-vpn/

@torproject Do you have a #PeerTube account?

I'm trying to watch the State of The Onion on your official #YouTube channel, but YT refuses to load on Tor (and most #VPNs) since 2024.

Do you mirror to PeerTube or is there some other platform where we can view your SOTO in #Tor Browser?

So is there anything that can be done about #youtube blocking access from #vpns even when using #freetube or #ytdlp ? #privacy #Google

Best of 2024: If You are Reachable, You Are Breachable, and Firewalls & VPNs are the Front Door  – Source: securityboulevard.com https://ciso2ciso.com/best-of-2024-if-you-are-reachable-you-are-breachable-and-firewalls-vpns-are-the-front-door-source-securityboulevard-com/ #rssfeedpostgeneratorecho #CyberSecurityNews #SecurityAwareness #SecurityBoulevard #SocialFacebook #SocialLinkedIn #Cybersecurity #Bestof2024 #firewalls #zerotrust #SocialX #VPNs

Achtung bei #ChromeExtensions: #Schadcode wurde in 36 Erweiterungen eingeschleust, darunter #KI-Tools, #Passwortmanager und #VPNs.

https://www.golem.de/news/millionen-nutzer-gefaehrdet-schadcode-in-36-chrome-extensions-eingeschleust-2501-192093.html

Betroffen sind 2,6 Millionen Nutzer. Der Angriff begann mit einem #Phishing-Vorfall und zielt auf sensible Daten wie #Facebook-Zugangsdaten ab. Nutzer sollten betroffene #Extensions prüfen und #Passwörter ändern. Mehrere Erweiterungen wurden bereits bereinigt oder entfernt.

Is it just me or does #NordVPN really suck?

Real story: spent one full hour trying to get internet to work in a hotel room. Problem isn't the hotel. Complete uninstall of NordVPN and everything *immediately* works.

WTF?

"#Russia Tests Cutting Off Access to Global Web, and #VPNs Can't Get Around It"

https://www.pcmag.com/news/russia-tests-cutting-off-access-to-global-web-and-vpns-cant-get-around

Now that it has lost #Syria, #Russia is preparing for #revolution following it home

"#Roskomnadzor blocked residents in #Dagestan, #Chechnya, and #Ingushetia, which have majority-#Muslim populations, #ISW says... People in those areas couldn't access #Google, #YouTube, #Telegram, #WhatsApp, or other foreign websites or apps—even if they used #VPN s, according to a local #Russian news site"

There were interesting discussions (I listened in) at breakfast on the subject of VPN. I am very surprised that the "professionals" *cough* among the participants don't know something like Rethink, Mullvad etc. or that it is too tedious for them to set up a box.

But hey, not my problem, I'm not a "professional"! Sent via
#SANS #personalgrowth #training #vpns