[Most Recent Entries] [Calendar View]
Tuesday, October 22nd, 2019
| Time | Event |
| 9:31a | NordVPN Had Private Keys Stolen after Server Breach  VPN service provider NordVPN was the victim of a server breach early last year, the provider has confirmed. The news was made public following a series of tweets from hacker / web developer ‘undefined.’ These were picked up by Ars Technica and TechCrunch, among others. The hack in question targeted a single server at a third-party datacenter. The attacker reportedly compromised the server by exploiting an insecure remote management system, which NordVPN wasn’t aware existed at the time. By compromising the server the attacker gained access to three TLS keys that would allow this person to operate a fake NordVPN.com site or VPN server, using a man-in-the-middle attack. NordVPN stresses that it doesn’t keep user logs and that it wasn’t possible to use the keys to decrypt regular VPN traffic or previously recorded VPN sessions. The server in question was compromised early 2018 but NordVPN didn’t disclose it at the time. The company now says that it chose not to do so because it had to make sure that none of its other infrastructure was prone to similar issues. Following the news reports, NordVPN published its own account of what happened and how this affected its users. The company stresses that the breached keys have since expired (they were initially active) and could never be used to decrypt VPN traffic of users. While the compromised TLS keys couldn’t decrypt VPN traffic, a server breach is of course always a big event of course. Especially in the VPN industry, where trust in a company is extremely important. That the effect appears to be limited here is a good thing, but that doesn’ change the fact that the server was hacked. While NordVPN stresses that the hack only had a minimal impact, it recognizes that security is a vital issue, and that it should do better going forward. “Even though only 1 of more than 3000 servers we had at the time was affected, we are not trying to undermine the severity of the issue. We failed by contracting an unreliable server provider and should have done better to ensure the security of our customers,” NordVPN says. “We are taking all the necessary means to enhance our security,” the company adds. NordVPN further informs TorrentFreak that it always treats VPN servers as the least secure part of their infrastructure, since breaches are always possible. This means that VPN endpoints do not contain any “vulnerable information,” nor do they provide access to the rest of the infrastructure or a user database. If anything, this episode shows that 100% security is nearly impossible. In addition to the NordVPN hack, competing services TorGuard and VikingVPN also suffered breaches, according to reports. TorGuard previously confirmed this a few months ago. — Disclaimer: NordVPN is one of our sponsors. This article was written independently, as all of our articles are. Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons. |
| 3:06p | Fox & Charter/Spectrum Agree to Clamp Down on Piracy  Once upon a time, telecoms companies, Internet service providers, and content creation companies trod their own path. Increasingly, however, they are becoming more reliant on each other, with the latter using the formers’ distribution capabilities to present and deliver content to the public. As a result, they are forging mutually beneficial business relationships, ones that will hopefully prove profitable for all. On Monday, Fox Corporation and Charter Communications announced what they describe as a long-term renewal of a distribution agreement. It will see Charter maintaining access to Fox’s “full portfolio” of news, entertainment, and sports networks. Interestingly, Fox will also get a couple of things in return. Password sharing has appeared in the news on several occasions in the past couple of years, with some content organizations framing the activity as a type of piracy. The new deal will see Charter, which operates under the Spectrum brand, collaborate with Fox to reduce it. Additionally, Charter has also signed up to cooperate with Fox to mitigate piracy in general. The information released thus far is lacking in detail but the companies have reportedly agreed to implement “business rules” to address unauthorized access to content. “This agreement allows continued access to all of the FOX programming for our customers and FOX viewers, but it will also amplify our mutual efforts to address piracy and abusive password sharing issues,” says Tom Montemagno, Executive Vice President, Programming Acquisition for Charter. “We appreciate FOX’s desire to further collaborate as the video landscape continues to evolve.” In August, Charter announced a similar-sounding deal with another entertainment industry giant. “Disney and Charter have also agreed to work together on piracy mitigation,” the statement read. “The two companies will work together to implement business rules and techniques to address such issues as unauthorized access and password sharing.” Just last week, Comcast became the first Internet service provider to join ACE, the global anti-piracy alliance comprising dozens of the world’s largest entertainment and distribution companies. The way things are moving, it probably won’t be the last. Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons. |
| << Previous Day |
2019/10/22 [Calendar] |
Next Day >> |