400
Never-before-seen Linux malware gets installed using 1-day exploits
(arstechnica.com)
This is a most excellent place for technology news and articles.
Seems it's exploiting vulnerabilities in some software called "Ivanti Connect Secure VPN", so unless you're running that, you're safe I guess. Says in the past they used vulnerabilities in "Qlik Sense" and Adobe "Magento". Never heard of any of those, but I guess maybe some businesses use them?
I pay for ProtonVPN, and I still run my traffic through OpenVPN.
Hate to victim blame, but unless you're going to audit every line of code yourself, don't use obscure software.
To be fair you should be using wire guard then. Because multiple of the largest and most well-known security auditing firms in the world have said that openvpn is impossible to truly audit. It's too large, you can audit individual parts of it, and you can audit individual interactions between parts. But it's not possible to fully audit.
Meanwhile wireguard is quite small so it can be fairly easily audited by a small team and has been multiple times
But it could be banned by DPI. Russia does it, China also obviously
You can wrap it into https with nginx if you wanna get super fancy so it just looks like web traffic even with dpi. Takes a latency and speed hit but it works