49 matches found
ProtonVPN 1.26.0 Unquoted Service Path
Exploit Title: ProtonVPN 1.26.0 - Unquoted Service Path Date: 22/03/2022 Exploit Author: gemreda @gemredax Vendor Homepage: https://protonvpn.com/ Software Link: https://protonvpn.com/ Version: 1.26.0 Tested: Windows 10 x64 Contact: [email protected] PS C:\Users\Emre sc.exe qc "ProtonVPN Wireguard" ...
ProtonVPN 1.26.0 - Unquoted Service Path Vulnerability
Exploit Title: ProtonVPN 1.26.0 - Unquoted Service Path Exploit Author: gemreda @gemredax Vendor Homepage: https://protonvpn.com/ Software Link: https://protonvpn.com/ Version: 1.26.0 Tested: Windows 10 x64 Contact: email protected PS C:\Users\Emre sc.exe qc "ProtonVPN Wireguard" SC...
ProtonVPN 1.26.0 - Unquoted Service Path
Exploit Title: ProtonVPN 1.26.0 - Unquoted Service Path Date: 22/03/2022 Exploit Author: gemreda @gemredax Vendor Homepage: https://protonvpn.com/ Software Link: https://protonvpn.com/ Version: 1.26.0 Tested: Windows 10 x64 Contact: [email protected] PS C:\Users\Emre sc.exe qc "ProtonVPN Wireguard" ...
Data Wiper Malware Disguised As Ransomware Targets Israeli Entities
Researchers on Tuesday disclosed a new espionage campaign that resorts to destructive data-wiping attacks targeting Israeli entities at least since December 2020 that camouflage the malicious activity as ransomware extortions. Cybersecurity firm SentinelOne attributed the attacks to a nation-stat...
‘Agrius’ APT Launches Wiper Attacks Against Israelis
A new attack group called Agrius is launching damaging wiper attacks against Israeli targets, which researchers said are hiding behind ransomware to make their state-sponsored activities appear financially motivated. Sentinel Labs analysts said they have been tracking Agrius’ operations in Israel...
ProtonVPN CEO Blasts Apple for 'Aiding Tyrants’ in Myanmar
In a blog post filled with a passionate defense of human rights and internet privacy, Andy Yen, the CEO of secure internet provider ProtonVPN, blasted Apple for blocking its latest update and accused the tech juggernaut of helping the global spread of authoritarianism by “giving in to tyrants.” Y...
ProtOSINT - A Python Script That Helps You Investigate Protonmail Accounts And ProtonVPN IP Addresses
ProtOSINT is a Python script that helps you investigate ProtonMail accounts and ProtonVPN IP addresses. Description This tool can help you in your OSINT investigation on Proton service for educational purposes only. ProtOSINT is separated in 3 sub-modules: 1 Test the validity of one protonmail...
Apple Unpatched VPN Bypass Bug Impacts iOS 13, Warn Researchers
An unpatched bug in the latest version of Apple’s iOS is blocking virtual private network VPN applications from cloaking some private data transmitted between a device and the servers they are requesting data from. While the bug remains unpatched, Apple is suggesting steps users can take to reduc...
Hackers clone ProtonVPN website to drop password stealer malware
By Sudais Asif Currently, ProtonVPN has more than 2 million users around the world and that makes it a lucrative target for cybercriminals. This is a post from HackRead.com Read the original post: Hackers clone ProtonVPN website to drop password stealer malware...
AZORult spreads as a fake ProtonVPN installer
AZORult has its history. However, a few days ago, we discovered what appears to be one of its most unusual campaigns: abusing the ProtonVPN service and dropping malware via fake ProtonVPN installers for Windows. Screenshot of a fake ProtonVPN website The campaign started at the end of November 20...
Safeguard Your Data And Privacy Online With This Award-Winning VPN
It seems as though not a day goes by without a new story breaking about a high-level cyber attack on a major corporation or national government. Hackers are becoming increasingly adept at breaking through a variety of super-secure firewalls, and they're not just after the riches of Fortune 500...
ProtonVPN Subscriptions Now Available on Firefox for $10
By Waqas Mozilla has announced that it will be launching an experimental feature in the new version of Firefox that will offer ProtonVPN subscriptions. The feature, however, will be accessible by users only after they subscribe for a monthly package. It is basically, a subscription-based VPN...
The vulnerability of ProtonVPN’s software for accessing VPN services arises from the lack of measures taken to neutralize special elements used in the operating system’s command set. This allows a malicious user to execute arbitrary commands or code with SYSTEM privileges.
The vulnerability of ProtonVPN’s software for accessing VPN services arises from the lack of measures taken to neutralize special elements used in the operating system’s command set. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands or code with SYSTEM privilege...
ProtonVPN VPN client code execution vulnerability
ProtonVPN VPN client is a free VPN client application for anonymous access to the Internet. A code execution vulnerability exists in the linking feature of ProtonVPN VPN client version 1.5.1, which can be exploited to execute arbitrary commands with system privileges with the help of a specially...
ProtonVPN, NordVPN Flaws Open Door to Privilege Escalation
UPDATE A pair of vulnerabilities in the ProtonVPN and NordVPN VPN clients have been uncovered, which allow attackers to execute code as an administrator on targeted Microsoft Windows machines. In both cases CVE-2018-3952 NordVPN and CVE-2018-4010 ProntonVPN, the clients have the same design,...
CVE-2018-4010
An exploitable code execution vulnerability exists in the connect functionality of ProtonVPN VPN client 1.5.1. A specially crafted configuration file can cause a privilege escalation, resulting in the ability to execute arbitrary commands with the system's privileges...
CVE-2018-4010
An exploitable code execution vulnerability exists in the connect functionality of ProtonVPN VPN client 1.5.1. A specially crafted configuration file can cause a privilege escalation, resulting in the ability to execute arbitrary commands with the system's privileges...
CVE-2018-4010
CVE-2018-4010 affects ProtonVPN VPN Client 1.5.1. A vulnerability in the connect flow allows a specially crafted OpenVPN configuration to trigger a privilege escalation, enabling code execution with system privileges. The root cause involves how OpenVPN configuration lines (e.g., plugin, script-s...
CVE-2018-4010
An exploitable code execution vulnerability exists in the connect functionality of ProtonVPN VPN client 1.5.1. A specially crafted configuration file can cause a privilege escalation, resulting in the ability to execute arbitrary commands with the system's privileges...
Vulnerability Spotlight: CVE-2018-3952 / CVE-2018-4010 - Multi-provider VPN Client Privilege Escalation Vulnerabilities
Discovered by Paul Rascagneres. Overview Cisco Talos has discovered two similar vulnerabilities in the ProtonVPN and NordVPN VPN clients. The vulnerabilities allow attackers to execute code as an administrator on Microsoft Windows operating systems from a standard user. The vulnerabilities were...