There have been over a week since the public release of heartbleed bugs and exploits. Most sites that have been confirmed to have this vulnerability could solve this problem; . But not all of them
Security Team VPN discovered today that six VPN providers are still vulnerable to heartbleed:
NetScop.net (https: // filippo .io / heartbleed / # netscop.net)
BreakWall.net (https://filippo.io/Heartbleed/#breakwall.net),
TowerVPN .com (https: / /filippo.io/Heartbleed/#towervpn.com),
SimpleVPN.net (https://filippo.io/Heartbleed/#simplevpn.net),
VPNService.ru (https: //filippo.io/Heartbleed/#vpnservice.ru)
VPNFreeWay.net (https://filippo.io/Heartbleed/#vpndiscount.net and https: // filippo.io/Heartbleed/ # vpnfreeway.net)
it means that the attacker is able to gain full access to their Web servers and steal sensitive information. again, this vulnerability can lead to the exposure of their VPN servers' SSL certificates, which can make their VPN tunnel clients vulnerable to a man in the Middle attack.
We hope this will not lead to unwanted disclosure of customer information to the above VPN, and we also hope that these issues will be fixed as soon as possible.
We are trying to communicate with these suppliers to help them resolve this issue.
Remember that VPN was not vulnerable to heartbleed, and you can be assured when using VPN it is now, and always has been, a secure service.
Updated 17/04/2014
The following suppliers have confirmed that they have fixed the vulnerability:
VPNFreeWay.net
NetScop.net
0 Komentar