Systems that are secure just now could be compromised the very next day. All it takes is someone publishing a vulnerability and an exploit, and a system can be successfully attacked.
A different type of threat emerged in August. Attackers exploited a vulnerability published last year to read private data from VPN endpoints. In August, the attackers published sensitive data withprivate keys and passwords from 900 VPN endpoints on a Russian forum. Thus, the vulnerability could have been patched long ago, again occurs an acute threat to VPN endpoints.
We were able to obtain the data and compare it against the IP addresses of our customers. All affected customers were informed by us.
We see it as our job to use our insights into the security scene as best we can to inform our customers about real risks.
You can read about the other security issues we were able to address on our website (not a complete list, just the most important entries).
I would also like to inform you that we have created the possibility to export reports as PDF in our dashboard. With this functionality we replace the possibility to share individual issues via public links.
One can filter the report and the respective filtered view is exported as PDF. This can be downloaded or shared directly via a public link. The link expires after 30 days by default.