Crypto wallets are essential in keeping your cryptocurrency safe. There are different types of wallets available and choosing…

Crypto wallets are essential in keeping your cryptocurrency safe. There are different types of wallets available and choosing one can be confusing for so many investors. The three commonly used are mobile, desktop, and hardware wallets. 

Mobile and desktop wallets are called hot wallets, which means they are connected to the internet. Hardware wallets, on the other hand, are cold and thus don’t require Wi-Fi. However, all these wallets are non-custodial. You have the full responsibility of protecting your keys.

In this article, we will look at mobile, desktop, and hardware wallets to help you determine the best option for your investment. 

****Hardware Wallet****

Hardware crypto wallets offer offline protection. These are physical devices used to store your private keys. Since they are not connected to the internet or any other devices, hardware wallets are typically considered more secure, but they can be a little complicated to use. 

Modern hardware wallets are more refined. For example, if we look at the Tangem wallet review, you will learn that these devices are designed similarly to modern credit cards and use smartphone displays, making them convenient to carry around. 

Hardware wallets are ideal for large investments since they are highly secure and less susceptible to online attacks. It is best to buy these wallets from authorized dealers or the main company to avoid getting a counterfeit one. 

****Mobile Wallets****

Mobile crypto wallets are apps you can download on your phone to manage your cryptocurrency. It can be on your main phone or another mobile device. These wallets are very portable, enabling you to make transactions on the go. Most mobile wallets have a PIN and a recovery phrase to increase security. 

The major downside is walking around with your wallet is risky. You can easily lose your phone, which makes your wallet vulnerable to hacking. However, some people are adopting to use of a second phone as their mobile wallet which is more secure. The phone is often disconnected from WiFi and may even not include a plan. You only switch it on when making a transaction. 

Generally, mobile wallets are ideal for people who use crypto often, especially in small transactions. It is also a good option for beginners who don’t have a large investment. 

****Desktop Crypto Wallets****

Desktop wallets are software or programs you can install on your computer. Most wallets are compatible with common operating systems like Windows, Linux, and Mac. These are very similar to desktop wallets but some providers offer extra advantages. 

For example, some software wallets allow you to keep your keys offline on a USB drive, essentially functioning like hybrid crypto wallets. Desktop wallets are more secure than mobile ones but are not portable since it is not quite convenient to carry your desktops everywhere. 

The main risk is that if your device gets infected by a virus or malware, your crypto could be jeopardized. Desktop wallets are a good alternative for anyone looking for a secure wallet that is not for everyday use.

****Conclusion****

Choosing the best crypto wallet depends on your use and the size of the investment. For those who use crypto daily, mobile wallets are the best choice. If you want a foolproof, secure wallet, opt for hardware. However, if you are using browser-generated wallets watch out for security vulnerabilities like Randstorm which is currently impacting billions in crypto assets worldwide.

1.  Benefits of Using an Anonymous Bitcoin Wallet
2.  Biggest Crypto Scam Tactics and How to Avoid Them
3.  Power Plants to eWallets: ZTNA’s Role in the Gig Economy
4.  Study Finds AI Guesses Crypto Seed Phrases in 0.02 Seconds
5.  The Growing Importance of Secure Crypto Payment Gateways

Hardware Crypto Wallets vs. Mobile vs. Desktop: Which Should You Choose?

Several government departments are investigating TP-Link routers over Chinese cyberattack fears, but the company denies links.

If you buy something using links in our stories, we may earn a commission. This helps support our journalism. Learn more. Please also consider subscribing to WIRED

TP-Link is one of the most popular router manufacturers in the US, but the company is facing a potential ban due to security concerns about its links to China. A December report from The Wall Street Journal revealed that the US Commerce, Defense, and Justice Departments are investigating TP-Link, though no evidence of deliberate wrongdoing has yet emerged.

“We are a US company,” Jeff Barney, president of TP-Link told WIRED, “We have no affiliation with TP-Link Tech, which focuses on mainland China, and we can prove our separateness.”

The investigation was sparked by a letter from John Moolenaar, a Republican for Michigan, and Raja Krishnamoorthi, a Democrat of Illinois. Both are on the House Select Committee on the Strategic Competition Between the United States and the Chinese Communist Party. They outlined concerns that Chinese state-sponsored hackers may be able to compromise TP-Link’s routers more easily than other brands and thereby infiltrate US systems, and that TP-Link is subject to Chinese law, meaning it can be forced to hand over sensitive US information by Chinese intelligence officials.

Photograph: Simon Hill

TP-Link was founded in China in 1996 by two brothers, and TP-Link USA was established in 2008. It wasn’t until 2022 that the Chinese and US wings began to split. The process of moving the 170 subsidiaries and all the related ownership out of Hong Kong and into the United States was delayed by the pandemic, says Barney, but it was divested and restructured by 2024.

TP-Link now has headquarters in California and Singapore and manufactures in Vietnam. It researches, designs, develops, and manufactures everything except chipsets in-house, according to Barney. “Our entities in China are governed directly by us, our employees badged by us, secured by us, in our own facilities.” He also says TP-Link has shared documentation with investigators and that its factory in Vietnam was audited by US retail partners like Walmart, Best Buy, and Costco.

“Everybody has a Nexus in China,” Barney says. He claims that American rival Netgear uses Chinese ODMs (original device manufacturers) to build its products and that even Apple relies on manufacturing in China. Netgear says its routers are manufactured in Taiwan, Vietnam, and Thailand, not China.

**Competition Concerns**

The WSJ report suggests that TP-Link has a leading 64.9 percent share of the US router market, but TP-Link disputes this. The company claims its share hovered around 20 percent for the last few years, but jumped to a 36.5 percent unit share and a 30.7 percent dollar share in 2024. But even TP-Link’s lower estimate shows a company in the ascendancy. This dominance has been driven by aggressively low prices and a relatively early roll-out of Wi-Fi 7 routers, perceived by some as a concerted effort to flood the US market.

“Technology should not be exorbitant,” Barney says. “We're trying to democratize these products.”

However, the wide product range raises questions, with many wondering how TP-Link can profit from routers sold at such low prices compared to the competition. Former CNET reviewer Dong Ngo explores this point on the in-depth router review website, Dong Knows.

Concerns about the links between Chinese companies and its government are nothing new. The ban on Huawei’s networking equipment and US sanctions came after years of cybersecurity concerns and intellectual property lawsuits brought by US companies. The TikTok ban is not being enforced by President Donald Trump’s administration, but owner ByteDance is still under pressure to divest its US operations. These situations can be tricky for the average person to navigate because the lines between shoddy security, Chinese espionage, US protectionism, and the growing trade war are distinctly blurry and are not mutually exclusive.

It’s no secret that US competitor Netgear has been lobbying the US government on “cybersecurity and strategic competition with China.” Netgear has had a tough couple of years after adopting a premium pricing strategy that did not resonate with consumers. It has also been embroiled in litigation against TP-Link for patent infringement, resulting in TP-Link paying a $135 million settlement in September 2024.

**Are TP-Link Routers Secure?**

TP-Link has signed CISA’s “Secure by Design” pledge and is part of the Technical Exchange Group. It has a vulnerability disclosure program, where independent researchers and the security community can report potential issues to security@tp-link.com. It claims report response time was 8.4 days on average in 2023, with patches released in an average of 38.5 days. The company is also planning to launch a bug bounty program.

Barney claims TP-Link’s rate of vulnerabilities per product is significantly lower than many of its peers, including Netgear and Cisco, citing public data collected by Finite State, an independent US cybersecurity company, from CVE Details, VulDB, and CISA (Cybersecurity and Infrastructure Security Agency), but not everyone agrees.

“TP-Link does not have a great reputation for patching vulnerabilities or working with security researchers, which does raise alarm bells,” Pieter Arntz, malware intelligence researcher for Malwarebytes told WIRED via email.

Photograph: TP-Link; Data Source: U.S. Cybersecurity and Infrastructure Security Agency

TP-Link was criticized in a recent Microsoft report over a “password spraying” hack that mostly impacted its routers, and the report suggested Chinese “nation-state threat actor activity.” Barney says these were end-of-service products and that Asus and Netgear routers were also impacted.

Other incidents include a Check Point Research exposé of a malicious firmware implant for TP-Link routers, linked to a Chinese state-sponsored “advanced persistent threat” group dubbed “Camaro Dragon.” Cyfirma researchers also found TP-Link router vulnerabilities for sale on underground forums.

“It’s also a challenge because regardless of the home router vendor, there will always be vulnerabilities found,” Arntz says.

A part of the problem with older routers is that the onus is often on the user to download and install updates, and this is rarely automatic or as simple as clicking on “update,” which means many patches are never installed, creating vulnerable devices for any savvy cybercriminals or nation-states. Even months after TP-Link released patches for a vulnerability on its popular Archer AX21 router, hackers continue to scan for and exploit it on unpatched routers.

These security concerns are moot in the face of built-in backdoors. Backdoors can be pieces of code or even hardware added to the circuit board that enables remote parties to gain access and potentially control the device. There’s no evidence that TP-Link devices have backdoors, but, as Ngo points out, when you use an online account with your router, you are already giving the company access through the front door. Whether remote connectivity is justified by the need for automatic software updates, remote control access, or other features for users, it effectively gives the manufacturer access to your router.

**Should You Worry?**

Ultimately, the concern isn’t so much about the Chinese government or other malicious actors spying on your web browsing habits—though that is possible—it’s the idea they might employ your router as a part of a botnet to launch a cyberattack on a US government agency or major service provider.

The NSA has been concerned about Chinese hackers for some time now, and China's Salt Typhoon spies continue to infiltrate US internet service providers and telecommunications companies. Speaking on the _NatSec Tech_ podcast recently, former special assistant to the president and cybersecurity coordinator on the US National Security Council, Rob Joyce, likened TP-Link routers to a Trojan Horse and suggested China is pre-positioning for a potentially devastating attack on US infrastructure.

While some cybersecurity experts suggest a ban is imminent, Barney is confident that TP-Link routers won’t be banned. Investigations are ongoing. Even if the government doesn't find anything or decides against a ban, it won’t publicly clear TP-Link. It’s more likely the investigation will fade from the news.

Photograph: Simon Hill

For owners of a TP-Link router or anyone considering buying one, it all boils down to trust. We've tested and recommend several TP-Link routers and Deco mesh systems in our buying guides because they offer good value and great performance. But we continually update our guides and will monitor the situation before deciding whether we need to reconsider those recommendations.

There’s no easy fix because all the major router manufacturers have issues with vulnerabilities, and most of them require you to use an online account. You can go down the rabbit hole with router security, or seek out security-focused brands like Firewalla, but expect to pay more for your equipment in both time and money.

Even if you stick with what you have, there are steps you can take to be more secure online. We recommend using a VPN service and learning a little about router settings. Malwarebytes’ Arntz says the most secure router is the one on which you are comfortable changing the settings: credentials, firewall options, and especially installing updates.

Here’s his advice for home TP-Link router owners who are concerned:

*   First, update your login credentials. Ensure you have moved away from the default login credentials set by the router manufacturer (or internet provider). Make this password different from your Wi-Fi name and password. And remember, length equals strength when it comes to passwords.
*   Second, patch your device and set a reminder to check regularly for firmware updates.
*   Third, turn on the firewall and Wi-Fi encryption. You can find these settings by logging into your router from its app or website.
*   Finally, consider purchasing a new router from a different vendor with a less problematic history.

TP-Link also manufactures a wide range of smart home devices marketed under the Tapo brand, including everything from security cameras to water leak detectors. These are not part of the current investigation, which seems to be focused solely on routers. TP-Link says it has applied to the FCC’s Cyber Trust Mark program administered by UL Solutions, which ensures that internet-of-things devices are tested and labeled secure. Sadly, there is no such program for routers.

The US Is Considering a TP-Link Router Ban—Should You Worry?

Massive 1.17 TB data leak exposes billions of records from a Chinese IoT grow light company. Wi-Fi passwords,…

Massive 1.17 TB data leak exposes billions of records from a Chinese IoT grow light company. Wi-Fi passwords, IP addresses, and device IDs are among the exposed data. Learn more.

A large, unprotected database belonging to Mars Hydro, a company specializing in IoT grow lights (Internet of Things Grow Lights) and agricultural software, was discovered by cybersecurity researcher Jeremiah Fowler.

The database, containing a whopping 2.7 billion records totalling 1.17 terabytes, exposed a treasure trove of sensitive information, including Wi-Fi network names (SSIDs), passwords, IP addresses, device IDs, email addresses, and more.  

According to Fowler’s blog post for vpnMentor which the company shared with Hackread.com ahead of publishing on Wednesday 12th February 2025, within the database, folders labelled for logging, monitoring, and error records of IoT devices worldwide were found. 

Sample analysis revealed over 100 million records across 13 folders, containing not only Wi-Fi network names but also their corresponding passwords, along with IP addresses and unique device identifiers.  Interestingly, the data also seemed to link to the control devices, such as smartphones, used to manage these IoT products, revealing information about operating systems (e.g. iOS and Android).

Further investigation linked the database to LG-LED SOLUTIONS LIMITED, a California-registered company.  API details and URLs associated with LG-LED SOLUTIONS, Mars Hydro, and Spider Farmer- all involved in the manufacturing and sale of agricultural grow lights, fans, and cooling systems- were also present in the exposed data.  Numerous records were specifically labelled as “Mars-pro-iot-error” or “SF-iot-error,” suggesting a connection to these specific product lines.  

Fowler also found error logs containing potentially sensitive information, including tokens, application versions, device types, and IP addresses, in addition to the Wi-Fi credentials. 

Following the discovery, Fowler promptly notified LG-LED SOLUTIONS and Mars Hydro, leading to the database being secured within hours. Mars Hydro, identified as a Shenzhen, China-based LED grow light manufacturer with warehouses in the UK, US, and Australia, confirmed to Fowler that the Mars Pro app is their official product. 

Nevertheless, questions remain regarding the database’s ownership, management, and the duration of its exposure. It is unclear if the database was managed directly by LG-LED SOLUTIONS or a third-party contractor. A thorough forensic audit would be required to determine the extent of any unauthorized access, Fowler noted in the blog post.

The Mars Pro app and connected devices have been exposing vast amounts of information. Such lapses can lead to misuse, like surveillance, man-in-the-middle attacks, and manipulation. The recently reported Matrix hacker group is a prime example of the ongoing exploitation of exposed IoT devices for DDoS botnets.

Additionally, studies indicate that a significant percentage of IoT devices (57%) are highly vulnerable, with a majority of transmitted data (983%) being unencrypted. To mitigate these risks, IoT device makers and app developers must prioritize data protection, avoid plain text logging, use encryption, secure internal cloud storage, and conduct regular security audits and penetration testing.

.

Massive 1.17TB Data Leak Exposes Billions of IoT Grow Light Records

Gambling companies are sharing their users’ data with Meta for marketing and tracking purposes.

While you might think you’re hitting the jackpot, whether you’ve consented to it or not, online gambling sites are playing with your data. Users’ data, including details of webpages they visited and buttons they clicked, are being shared with Meta, Facebook’s parent company.  

The Observer reports that over 150 UK gambling websites have been extracting visitor data through a hidden embedded tracking tool, and then sending that data to Meta in order to profile people as gamblers and flood them with Facebook ads for casinos and betting sites.

The gambling websites used and shared data for marketing purposes—without obtaining explicit permission from the users—in an apparent breach of data protection laws. The websites include popular sites like Hollywoodbets, Sporting Index, Lottoland, and Bwin.  

Of the 150 websites that were tested, 52 used a tracking tool called Meta Pixel to share data directly and without explicit consent. This data was automatically transferred when loading the webpage, before users could even accept or decline the use of their data.  

The data collection resulted in the reporter—who said they never once agreed to the use of their data for marketing purposes— being inundated with ads for gambling websites. In one browsing session, the reporter encountered ads from 49 different brands, including from betting companies which were not involved in the data collection and had been using Meta Pixel within the rules.  

Wolfie Christl, a data privacy expert investigating the ad tech industry commented:

> “Sharing data with Meta is highly problematic, even with consent, but doing so without explicit informed consent shows a blatant disregard for the law. Meta is complicit and must be held accountable” 

This isn’t the first time that gambling sites have been caught unlawfully selling off user data, and comes amid calls for a wider investigation into the targeting of gamblers, as well as the need for more protective measures.

**Don’t gamble away your data and stay protected**

Here are some ways to protect your data while using gambling (or any other) sites online:

*   Use a VPN, especially on public Wi-Fi networks
*   Use privacy-focused browsers and search engines, such as Brave
*   Clear your browsing data when closing your browser
*   Review the permissions of all your apps. Only grant them permission to access things they absolutely need.
*   Disable location tracking for as many apps as possible
*   Disable personalized ads as much as you can
*   Keep your devices up-to-date. This protects you from vulnerabilities that cybercriminals might try to exploit
*   Install Malwarebytes Browser Guard—our free tool that protects against ad tracking.

 Gambling firms are secretly sharing your data with Facebook  

Privacy, security, and unrestricted access are the promises of a personal VPN. But what does it actually do,…

Privacy, security, and unrestricted access are the promises of a personal VPN. But what does it actually do, and why do so many people rely on it? In an era of constant digital surveillance, increasing cyber threats, and growing concerns over data privacy, VPNs (Virtual Private Networks) have surged in popularity.

But not all VPNs are created equal. Some are designed for corporate use, while others cater to individuals looking for enhanced online anonymity. So, let’s break it down: What is a personal VPN? How does it work? And what benefits does it bring to the table?

****Understanding Personal VPNs****

A Personal VPN is a service that encrypts your internet traffic and routes it through a secure server, masking your IP address and online activities. Unlike business or corporate VPNs, which are typically used to provide remote employees with access to internal company networks, personal VPNs focus on individual users who want to protect their privacy, bypass geo-restrictions, or stay safe on public Wi-Fi.

Think of it as a digital invisibility cloak, one that shields you from prying eyes, whether they belong to hackers, advertisers, or even your own Internet Service Provider (ISP).

But why does this matter? Consider this: 70% of internet users worldwide are concerned about their online privacy (Statista, 2023). That’s a lot of people looking for ways to stay anonymous, avoid tracking, and prevent data breaches.

****How Does a Personal VPN Work?****

A VPN functions like a secure tunnel between your device and the internet. Here’s a simplified breakdown of what happens when you connect to a VPN server:

*   **Your device encrypts all outgoing internet traffic.** This means your browsing data, passwords, and online activities become unreadable to outsiders.

*   **The encrypted data is sent to a VPN server, located in a different region or country.** Your real IP address is replaced with one from the VPN server, making it appear as if you’re browsing from that location.

*   **The server forwards your requests to the internet.** Websites and services see only the VPN server’s IP address, not yours.

*   **Incoming data follows the same path back, fully encrypted.** This prevents hackers, ISPs, and governments from snooping on your activity.

****What Is a Personal VPN Server?****

For those who want even more control, a personal VPN server is an option. Instead of relying on a commercial VPN provider, you can set up your own VPN server; on a cloud platform, a home router, or a dedicated server. This offers:

*   **Full control over security settings**

*   **No reliance on third-party VPN providers**

*   **Faster speeds with fewer users sharing the server**

However, setting up a personal VPN server requires technical knowledge and maintenance. Most people opt for paid VPN services instead.

****Key Features of a Personal VPN********1\. Strong Encryption****

A good VPN uses AES-256 encryption; the same standard used by governments and banks. It ensures that even if your data is intercepted, it remains unreadable.

****2\. No-Logs Policy****

Some VPNs keep logs of your online activity, which defeats the purpose of using one. The best VPNs follow a strict no-logs policy, meaning they don’t track or store user data.

****3\. Multiple Server Locations****

Want to access Netflix libraries from different countries? A VPN with global server locations lets you bypass geo-blocks and censorship.

****4\. Kill Switch****

If your VPN connection drops unexpectedly, a kill switch cuts off your internet to prevent data leaks.

****5\. Split Tunneling****

Some users need certain apps to bypass the VPN. Split tunneling allows you to choose which traffic goes through the VPN and which doesn’t.

****6\. Fast Speeds****

VPNs can slow down your connection, but top-tier services use high-speed servers to **minimize lag and buffering**.

****What Is the Best VPN for Personal Use?****

With so many options, what is the best personal VPN? The answer depends on your needs. It is quite difficult to choose the most balanced solution in terms of security features, anonymity, functionality, speed, number of servers and price. According to VeePN VPN, users should choose a VPN with a proven history of protecting their privacy.

****What Is a Personal VPN on an iPhone?****

If you’ve ever seen a “Personal VPN” option in your iPhone settings, you might wonder what it means. Apple allows users to configure VPN connections manually or use third-party VPN apps. The built-in option is designed for those with a VPN configuration file (such as one provided by an employer or a self-hosted VPN).

****Benefits of Using a Personal VPN********1\. Privacy Protection****

Your ISP can see everything you do online. A VPN stops this by encrypting your traffic, preventing tracking, data collection, and targeted ads.

****2\. Security on Public Wi-Fi****

Hackers love public Wi-Fi networks. Airports, coffee shops, hotels. A VPN encrypts your data, making it useless to cybercriminals.

****3\. Access Restricted Content****

Whether it’s streaming services, websites blocked in your country, or social media platforms, a VPN can bypass geo-restrictions and censorship.

****4\. Safe Torrenting****

Downloading torrents can expose your real IP address. A VPN masks your identity, ensuring anonymous and secure torrenting. (Avoid downloading pirated software, eBooks, or engaging in any other illegal activities while torrenting.)

****5\. Avoid Bandwidth Throttling****

Some ISPs slow down your connection based on your activities (e.g., streaming, gaming). A VPN hides your activity, preventing speed throttling.

****6\. Better Online Deals****

Airline tickets, hotel rates, and rental services sometimes offer different prices based on your location. A VPN lets you change your virtual location and find better deals.

At the end of the day, a personal VPN is all about keeping your online activity private, secure, and unrestricted. Whether you want to protect your data on public Wi-Fi, stop your ISP from tracking you, or access content from different parts of the world, a good VPN can make a big difference. Not all VPNs are the same, so it’s important to pick one that actually protects your privacy without slowing you down. If you’re serious about staying safe online, using a VPN is one of the easiest and smartest ways to do it.

What Is a Personal VPN? Features, Benefits, and How It Works

The Importance of Balancing Cost and Security!

Finding a virtual private network (VPN) that offers complete privacy protection without breaking the bank might be difficult when worries about online privacy are growing. Many users must decide between paying for premium VPNs, which are usually expensive, and using free services that can **jeopardize their data**.

However, what if you could locate a reasonably priced service with robust privacy features? The top VPNs that ideally balance cost and security. Whether streaming, torrenting, or safeguarding your online presence, these options are tailored to meet your needs without breaking the bank. The key considerations for choosing a VPN are to explore the best budget-friendly options available today.

****Key Features to Look for in a Secure VPN****

When privacy is a concern, knowing which features are most important is fundamental because not all VPNs are equal. For example, any trustworthy **VPN** must-have military-grade encryption to shield your data from prying eyes. Protocols like OpenVPN or WireGuard ensure secure and efficient connections, and a strict no-logs policy keeps your browsing activity private.

The user experience can be improved by features like a kill switch, DNS leak protection, and multi-device compatibility. Transparency is essential for those worried about privacy; look for suppliers whose claims have been independently audited.

These fundamental capabilities are still available in low-cost VPNs, demonstrating that economy need not equate to sacrificing quality. By prioritizing these factors, you can ensure your VPN satisfies strict security requirements while remaining within your budget.

****Top Affordable VPNs for Streaming and Torrenting****

Streaming and torrenting are two of the most popular reasons individuals seek VPNs. However, these activities require a service with particular features, such as avoiding geo-restrictions and preserving quick, reliable connections. Cheap VPNs like NordVPN and Surfshark are excellent choices for these purposes.

While NordVPN offers dedicated P2P servers for torrenting, Surfshark allows unlimited device connections, making it perfect for families or individuals with many devices. Both providers can unblock well-known **streaming services** like Netflix and Hulu thanks to SmartDNS capability.

These VPNs demonstrate flawless streaming and safe torrenting, which is possible without breaking the bank. Purchasing a reasonably priced VPN with strong features might improve your online experience without compromising privacy.

****Evaluating Privacy Policies: No-Logs and Transparency****

Examining a VPN’s privacy policies is essential when selecting one. A “no-logs” policy guarantees that your actions stay anonymous by preventing the supplier from storing your browsing data. But not every no-log assertion is made equally.

To ensure transparency, choose VPNs that third parties audit, such as ExpressVPN and CyberGhost. These suppliers have demonstrated their commitment to protecting their customers’ privacy by permitting independent companies to audit their systems. 

The jurisdiction in which the VPN works should also be taken into account. Services based in privacy-friendly countries like Switzerland or the British Virgin Islands are not subject to invasive data retention laws. A transparent and reliable VPN policy is non-negotiable for privacy-conscious users; even budget-friendly options can meet these stringent standards.

****Practical Use Cases: Everyday Benefits of a Secure VPN****

More than just a tool for techies, a secure VPN is useful for regular users. A VPN lowers the danger of hacking by protecting private information on public Wi-Fi networks for frequent travellers. VPNs allow remote employees to safely access corporate networks without disclosing sensitive data.

Because a VPN protects users from online tracking and invasive advertisements, even casual internet users can benefit from increased privacy. Those with limited funds can use inexpensive VPNs like ProtonVPN and Windscribe because they provide free tiers with strong security features. Using a secure VPN to stream, shop online, or get around censorship guarantees that your digital activities stay private and protected.

****Affordable Privacy is Within Reach****

Finding a **cheap VPN** that meets your spending limit doesn’t have to be complicated. Concentrating on essential features like encryption, no-logs policies, and multi-device support may give you strong privacy without exceeding budget. Affordability and security can coexist, as shown by services like Surfshark, NordVPN, and ProtonVPN, which serve a range of use cases from streaming to regular online safety.

Accept the comfort of protecting your digital footprint while adhering to your spending plan. Users concerned about their privacy can browse the internet with confidence and security if they have the correct VPN.

Cheap Yet Secure: Top VPNs for Privacy-Conscious Users on a Budget

Subaru STARLINK flaw exposed a critical security vulnerability, enabling unauthorized access to vehicle tracking, remote control, and sensitive…

Subaru STARLINK flaw exposed a critical security vulnerability, enabling unauthorized access to vehicle tracking, remote control, and sensitive customer data.

A vulnerability was recently discovered by cybersecurity researchers Shubham Shah and Sam Curry in Subaru’s STARLINK-connected vehicle system, enabling them to remotely start, stop, and track vehicles. The vulnerability in Subaru’s Starlink in-vehicle service, allowed attackers to remotely control and track connected vehicles. 

The vulnerability, an arbitrary account takeover flaw in the Starlink admin portal, enabled the duo to compromise a Subaru employee account. This flaw could let them target vehicles and customer accounts across the United States, Canada, and Japan.

Exploiting this flaw, Curry and Shah could gain unauthorized access to sensitive customer and vehicle data, and even remotely control targeted vehicles. According to a blog post published by researchers, the issue originated from a flaw in the Subaru STARLINK admin portal, a system intended for employee use.

This portal had a critical vulnerability that allowed attackers to reset employee passwords without requiring any confirmation. This meant that by simply knowing an employee’s email address, an attacker could gain access to their account.

> _“It appeared that there was a “resetPassword.json” endpoint that would reset employees’ accounts without a confirmation token. If this worked how it was written in the JavaScript, then an attacker could simply enter any valid employee email and take over their account.”_
> 
> Sam Curry

Researchers further bypassed two-factor authentication (2FA) by manipulating the website’s code, effectively disabling the security measure. With unauthorized access to the admin portal, the researchers demonstrated the ability to, start, stop, lock, and unlock any Subaru vehicle, and access a year’s worth of detailed location history for any vehicle, including stops and engine starts, providing precise locations with updates every time the engine started. 

Furthermore, they could retrieve the personal information of any customer, including contact details, addresses, billing information (partially masked), and vehicle PINs. They could also add themselves as authorized users to other vehicles, effectively taking control of them without the owner’s knowledge.

Researchers reported this vulnerability to Subaru on November 20, 2024, and the company in response promptly addressed the issue, patching it within 24 hours. The findings were publicly disclosed on January 23, 2025.

****Previous Hacks by the Duo****

Sam Curry and Shubham Shah are well-known for their creative and innovative methods of uncovering security vulnerabilities and responsibly disclosing them to companies.

One of their notable discoveries involved exploiting vulnerabilities in the globally used Points.com loyalty system. This flaw allowed unauthorized access to sensitive user data, including names, addresses, email addresses, phone numbers, and transaction details.

In December 2022, Sam Curry identified a critical app flaw that compromised Honda and Nissan vehicles through their VINs. Attackers could exploit this vulnerability to unlock doors, honk horns, and flashlights, and even start the vehicle remotely.

In September 2024, Sam Curry and three other security researchers found a way to control Kia vehicles by exploiting vulnerabilities linked to their license plates.

1.  **How Hackers Can Remotely Unlock/Start Honda Cars**
2.  **Cybercriminals Exploit CAN Injection Hack to Steal Cars**
3.  **Critical Intel chip flaw left cars and IoT devices vulnerable**
4.  **Self-driving cars can be fooled by displaying virtual objects**
5.  **Tesla cars can be remotely hacked using drone, WIFI dongle**

Subaru STARLINK Flaw Enabled Remote Tracking and Control of Vehicles

View CSAF
1. EXECUTIVE SUMMARY
CVSS v3 8.5
ATTENTION: Low attack complexity
Vendor: Schneider Electric
Equipment: EVlink Home Smart and Schneider Charge
Vulnerability: Cleartext Storage of Sensitive Information
2. RISK EVALUATION
Successful exploitation of this vulnerability may expose test credentials in the firmware binary.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
Schneider Electric reports that the following EVlink Home Smart and Schneider Charge charging stations are affected:
EVlink Home Smart: All versions prior to 2.0.6.0.0
Schneider Charge: All versions prior to 1.13.4
3.2 VULNERABILITY OVERVIEW
3.2.1 CLEARTEXT STORAGE OF SENSITIVE INFORMATION CWE-312
A cleartext storage of sensitive information vulnerability exists that exposes test credentials in the firmware binary.
CVE-2024-8070 has been assigned to this vulnerability. A CVSS v3 base score of 8.5 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:L).
3.3 BACKGROUND
CRITICAL INFRASTRUCTURE SECTORS: Transportation Systems
COUNTRIES/AREAS DEPLOYED: Europe, Asia Pacific, Middle East, and Africa
COMPANY HEADQUARTERS LOCATION: France
3.4 RESEARCHER
Simon Petitjean reported this vulnerability to Schneider Electric.
4. MITIGATIONS
Schneider Electric has identified the following specific workarounds and mitigations users can apply to reduce risk:
EVlink Home Smart: For already connected products, Version 2.0.6.0.0 of EVlink Home Smart includes a fix for this vulnerability and has been deployed to automatically upgrade all charging stations connected to the Wiser application.

Make sure the charging station is connected to the Wiser application to ensure the new version is downloaded and installed.
For new installations, a fix for this vulnerability is enforced through eSetup commissioning application.
The installed firmware version can be verified through Wiser application (refer to the settings page for the charging station).
Schneider Charge: For already connected products, Version 1.13.4 of Schneider Charge includes a fix for this vulnerability and has been deployed to automatically upgrade all charging stations connected to the Wiser application.

Make sure the charging station is connected to the Wiser application to ensure the new version is downloaded and installed.
For new installations, a fix for this vulnerability is enforced through eSetup commissioning application.
The installed firmware version can be verified through either Wiser application (refer to the settings page for the charging station), or the third-party supervision application.
Schneider Electric strongly recommends the following cybersecurity best practices:
Device should only be used in a personal home network.
Device should not have a publicly accessible IP address.
Do NOT use port forwarding to access a device from the public Internet.
A device should be on its own network segment. If your router supports a guest network or VLAN, it is preferable to locate the device there.
Use the strongest Wi-Fi encryption available in the home Wi-Fi network, such as WPA3 or WPA2/3 with protected management frames.
Schedule regular reboots of your routing device, smartphones, and computers.
Ensure that unauthorized individuals cannot gain physical access to your devices or regularly inspect the device for visual clues that may reveal a tampering attempt.
For more information refer to the Schneider Electric Recommended Cybersecurity Best Practices document. and the associated Schneider Electric Security Notification SEVD-2024-282-04 in PDF and CSAF.
CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.
Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.
No known public exploitation specifically targeting this vulnerability has been reported to CISA at this time. This vulnerability is not exploitable remotely.
5. UPDATE HISTORY
January 23, 2025: Initial Publication

Schneider Electric EVlink Home Smart and Schneider Charge

Millions of devices, including home routers, VPN servers, and CDNs are vulnerable to exploitation due to critical flaws…

Millions of devices, including home routers, VPN servers, and CDNs are vulnerable to exploitation due to critical flaws in common tunnelling protocols like IPIP, GRE, and 6in4/4in6. Learn how these vulnerabilities can be exploited for malicious attacks and how to protect your devices.

New vulnerabilities in multiple tunnelling protocols (IPIP/IP6IP6, GRE/GRE6, 4in6, 6in4) have been discovered by Top10VPN in collaboration with security researcher Mathy Vanhoef. These vulnerabilities allow attackers to hijack affected internet hosts to perform anonymous attacks and gain unauthorized network access. 

A large-scale internet scan identified 4.2 million open tunnelling hosts. This includes critical infrastructure such as VPN servers, home routers, core internet routers, mobile network gateways, and even content delivery networks (CDNs) operated by major players like Facebook and Tencent. Vulnerable hosts can enable a range of attacks, including new DoS techniques and DNS spoofing. The identified vulnerabilities include CVE-2024-7595, CVE-2025-23018/23019, and CVE-2024-7596.

The most affected countries are China, France, Japan, the U.S., and Brazil. Over 11,000 autonomous systems (AS) have been impacted, with Softbank, Eircom, Telmex, and China Mobile being the most affected.

The vulnerabilities stem from many internet hosts accepting tunneling traffic without verifying the sender’s identity. This lack of authentication allows attackers to exploit these hosts as proxies for malicious activities. 

“These hosts accept unauthenticated tunneling traffic from any source. This means they can be abused as one-way proxies to perform a range of anonymous attacks. Vulnerable hosts can also potentially be abused to gain access to victims’ private networks,” Top10VPN’s researcher and report author Simon Migliano noted.

Specifically, attackers can manipulate these hosts to send traffic on their behalf, concealing their true origin and making it difficult to trace attacks back to them. In some cases, attackers might be able to exploit these vulnerabilities to gain access to private networks connected to the hijacked host.

Tunneling protocols, such as IPIP, GRE, and 6in4/4in6, play a crucial role in modern networking, enabling seamless communication across diverse networks. However, many devices utilizing these protocols lack proper authentication and encryption, leaving them vulnerable to exploitation. 

According to Top10VPN’s report, at least 1,365 vulnerable VPN servers were identified, including consumer VPNs, routers with remote access features, and business VPNs. AoxVPN, a service with over a million users, was among those with vulnerabilities.

Additionally, around 1,200 vulnerable dynamic DNS routers, primarily Synology models offering remote access via VPN Plus Server, were detected. And, 171 company VPN servers were exposed, mainly using the GRE protocol, belonging to businesses and organizations in 33 countries, with the United States, China, and Hong Kong being the most affected. Over 17% of vulnerable devices were Free ISP’s home routers in France, which accepted unauthenticated traffic.

Furthermore, researchers discovered novel attack methods, such as “Ping-pong Amplification” and “Tunneled-Temporal Lensing,” which leverage these vulnerabilities to launch powerful Denial-of-Service (DoS) attacks. These vulnerabilities can also amplify the impact of existing attacks, such as DNS spoofing, traditional amplification DoS attacks, off-path TCP hijacking, SYN floods, and certain WiFi attacks.

The research highlights the need for enhanced security measures in these protocols to mitigate risks and ensure the reliability of our interconnected world. Proactive measures, including regular security audits, software updates, and increased awareness among system administrators and end-users, are also important for identifying and patching vulnerable devices.

1.  **Millions of websites using CDNs at risk of CPDoS attack**
2.  **DNS Tunneling Used for Stealthy Scans and Email Tracking**
3.  **GoogleUserContent CDN Hosting Images Infected with Malware**
4.  **Fake GlobalProtect VPN Downloads Spread WikiLoader Malware**
5.  **Millions of Email Servers Exposed Due to Missing TLS Encryption**

Tunneling Flaws Put VPNs, CDNs and Routers at Risk Globally

As the US faces “the worst telecommunications hack in our nation’s history,” by China’s Salt Typhoon hackers, the outgoing FCC chair is determined to bolster network security if it’s the last thing she does.

As the United States scrambles to kick China out of its communications networks, Jessica Rosenworcel, the outgoing Democratic chair of the Federal Communications Commission, says it’s vital for her Republican successor to maintain strong oversight of the telecommunications industry.

The government is still reeling from the Chinese “Salt Typhoon” hacking campaign that penetrated at least nine US telecom companies and gave Beijing access to Americans’ phone calls and text messages and the wiretap systems used by law enforcement. The operation exploited US carriers’ shockingly poor cybersecurity, including an AT&T administrator account that lacked basic security protections.

To prevent a repeat of the unprecedented telecom intrusion, Rosenworcel used the waning days of her FCC leadership to propose new cybersecurity requirements for telecom operators. On Thursday, the commission narrowly voted to approve her proposal. But those rules face a bleak future, with president-elect Donald Trump preparing to take office and control of the FCC transferring to commissioner Brendan Carr, a Trump ally who voted against Rosenworcel’s regulatory plan.

In an interview days before Trump’s inauguration, Rosenworcel is adamant that regulation is part of the answer to America’s telecom security crisis. And she has a stern message for Republicans who think the solution is to let the telecoms police themselves.

“We are wrestling with what has been described as the worst telecommunications hack in our nation's history,” she says. “Either you take serious action or you don't.”

**“The Right Thing to Do”**

Rosenworcel’s plan consists of two steps. First, the FCC formally declared that the 1994 Communications Assistance for Law Enforcement Act (CALEA), which required telecom companies to design their phone and internet systems to comply with wiretaps, also requires them to implement basic cyber defenses to prevent tampering. Next, the FCC proposed requiring a wider range of companies regulated by the commission to develop detailed cyber risk-management plans and annually attest to their implementation.

The outgoing chairwoman describes the rules as a commonsense response to a devastating attack.

“In the United States in 2025, it would shock most consumers to know that our networks do not have minimum cybersecurity standards,” Rosenworcel says. “We're asking the carriers to develop a plan and certify they follow that plan. That's the right thing to do.”

Absent these standards, she adds, “our networks are going to lack the protection they need from nation-state threats like this in the future.”

But Republicans are unlikely to embrace the new regulations on telecom networks. The powerful telecom industry tends to staunchly oppose any new regulations, and Republicans almost always side with the industry in these debates.

Senator Ted Cruz, a Texas Republican who now chairs the Commerce Committee, called Rosenworcel’s plan “a Band-Aid at best and a concealment of a serious blind spot at worst” during a hearing in December.

Carr—who last month called Salt Typhoon “deeply concerning”—voted against Rosenworcel’s proposal, along with his fellow Republican commissioner Nathan Simington. Carr’s office didn’t respond to a request for comment about the new regulations. But he has repeatedly criticized Rosenworcel’s approach to enforcing rules on the telecom industry, accusing her of overreach and warning that the FCC must rein itself in or face pushback from courts.

Once Carr takes over as FCC chairman, he could call a new vote of the commission to rescind Rosenworcel’s regulations. Or he could let Republican lawmakers do it for him—the GOP-controlled Congress is already planning to undo another FCC rule and might be happy to add this one to their list.

Rosenworcel dismisses the idea that her plan is radical. “We are not reinventing the wheel here,” she says. The new cyber requirements would be pegged to existing consensus standards from the National Institute of Standards and Technology and the Cybersecurity and Infrastructure Security Agency.

“Voices from the left and the right have called this the worst telecommunications hack in our nation's history,” Rosenworcel says. “It deserves a serious response.”

**Modernizing an Old Law**

One potential challenge facing Rosenworcel’s plan is that it hinges on the 30-year-old CALEA, which says almost nothing about cybersecurity.

Section 105 of the law does require telecoms to ensure that wiretaps “can be activated only in accordance with a court order or other lawful authorization,” which Rosenworcel reads as a requirement to protect telecom networks from unauthorized access. But after the US Supreme Court’s recent ruling that courts shouldn’t defer to agencies as the experts in their policies, the FCC will almost certainly face an industry lawsuit as it tries to implement Rosenworcel’s plan.

Carr may have opposed the proposal in part for that reason. He has repeatedly cheered court decisions invalidating Biden administration tech policies and the FCC’s own previous actions, and in congressional testimony last July, he cited the risk of courtroom setbacks in opposing FCC subsidies for school and library Wi-Fi hot spots (the FCC program that Congress is preparing to invalidate). “Following the Supreme Court’s decision,” he said, “courts will not defer to an FCC decision to read into the Communications Act a grant of authority that Congress did not provide.”

Rosenworcel defends the use of CALEA, saying “we have to step back and look at it from a broader point of view.” Section 105 clearly supports the conclusion that “every telecommunications carrier has a legal obligation to secure their networks against unlawful access and interception,” she argues.

The chairwoman admits that her proposal is “a modern way to think about” CALEA, but she says her staff “worked closely with our general counsel's office” to ensure its legality.

“This is the right and proper interpretation of the law that meets the moment we're in and the threats we face,” she says.

**New Sheriff in Town**

As the Rosenworcel era gives way to the Carr era at the FCC, one open question is how the commission’s relationship with the telecom industry will change, and how that will affect the companies’ commitment to improving cybersecurity.

Businesses typically have friendlier relationships with independent regulators when they’re led by Republicans, who tend to favor hands-off approaches to overseeing their industries. From that perspective, telecom firms—which slammed the FCC for its recently thwarted attempt to reinstate net neutrality—are likely to welcome Carr’s promises to rein in the commission’s “overreach.”

But it is unclear how that shift will affect the incentives driving telecoms’ investments in better cybersecurity practices. Security experts have already expressed concerns about the broader Trump administration’s likely retreat from Biden-era cyber rules for critical infrastructure operators. A similar trend could play out with the FCC in the telecom space.

**Uncertain Future for an Ambitious Agenda**

Even beyond Salt Typhoon’s breach of US telecom systems, there are many questions about how the FCC will tackle cybersecurity after Rosenworcel departs.

“One of the hallmarks of my tenure has been that we put network security and national security front and center,” she says. “I've been in and around the FCC for a long time, and this issue has never had top-tier billing like it has during my time here.”

Rosenworcel’s initiatives included banning Chinese wireless firms from providing services in the US, prohibiting telecom equipment manufacturers linked to foreign adversaries from selling their products in the US, and running a multibillion-dollar program to help US carriers “rip and replace” that risky equipment.

Under Rosenworcel, the FCC also proposed rules to secure the internet’s traffic-routing system, protect undersea cables from tampering, and update 16-year-old data-breach notification procedures; launched a privacy and data protection task force; created a pilot program to help schools and libraries improve their cyber defenses; and fined the major US wireless carriers for selling access to customers’ locations. Most recently, Rosenworcel worked with the White House to launch an FCC-run security labeling program for internet-of-things devices.

The rip-and-replace program is an especially ambitious effort. More than 100 US wireless carriers have reported using equipment made by risky companies like China’s Huawei. But Rosenworcel is confident that the program—which recently received a $3 billion infusion from Congress—is on the right track. “We're doing a good job working with carriers to take this equipment out,” she says.

Rosenworcel isn’t worried that carriers will simply refuse to participate. “If you have this equipment in your networks, you can't get funds from FCC programs,” she says. “Right there, you have a pretty powerful incentive.” She thinks that incentive will be especially strong for the most vulnerable organizations: the small, rural carriers that heavily depend on federal subsidies.

The IoT labeling program, known as the US Cyber Trust Mark, might be even more ambitious, given that its goal is to completely change how consumers and businesses think about the importance of cybersecurity in home appliances. But Rosenworcel says a lot of manufacturers are “very excited” about getting their products tested and marked with the federal seal of approval, because “they see it as a way to differentiate their products in the marketplace.”

As for consumers, Rosenworcel admits that they may not start shopping based on security right away, but she compares the program to Energy Star, which launched in 1992 and is now a household name. “This is an iterative process,” she says. “It's going to create its own momentum over time, and these are just early days.”

While a group of FCC-designated organizations devise specific testing criteria for the program, Rosenworcel is concerned that other countries may leap ahead with their own security labels. South Korea and Singapore signed an agreement in December 2023 to mutually recognize each other’s labels. The US and the European Union are working on similar reciprocity. “There will be a race globally to develop these kind of marks,” Rosenworcel says. “This is an area where I think the US should really invest some time, energy, and effort, because I would like us to lead.”

**Escaping the “Analog Era”**

As she counts down her final days atop the FCC, Rosenworcel is preoccupied with how Salt Typhoon has highlighted alarming vulnerabilities in systems that underpin American prosperity.

“Network security is national security,” she says. “Communications is an input in everything we do in day-to-day life. You don't have health care, manufacturing, energy, transportation, any of it without secure communications.”

Those dependencies have put the US in increasing jeopardy as foreign government hackers exploit these networks’ complexity and inconsistency.

“We have portions \[of networks\] that are gleaming new and operate on internet protocols, and we've got others that are built for the analog era,” Rosenworcel notes. “There are consequences to having networks like this that are overseen by commercial actors … Some equipment and facilities have not been updated.”

Republicans may be tempted to leave it up to the industry to shore up these vulnerabilities. But Rosenworcel says that would be a costly mistake.

“We have a choice to make,” she says. “We take action to prevent this from happening in the future, or we turn the other way, cross our fingers, and hope it never happens again. I like hope, but hope isn't a plan. And when you look at the scope of the threats that we're facing, it would be foolhardy to just rely on hope at this point.”

Tag

#wifi