The article states IT vulnerabilities related to Linux and Unix operating system which allow attackers to remote and spy with encrypted VPN connections. This is called CVE-2019-14899. The attackers also use virtual network private protocols like OpenVPN, WireGuard, and IKEv2/IPSec. With this attack, hackers are able to
- determine the virtual IP address of a victim assigned by the VPN server,
- determine if there is an active connection to a given website,
- determine the exact seq and ack numbers by counting encrypted packets and/or examining their size, and
- inject data into the TCP stream and hijack connections.
Source: https://thehackernews.com/2019/12/linux-vpn-hacking.html
Leave a Reply
You must be logged in to post a comment.