NordVPN is taking actions to guarantee users that it can remain true to its commitment of offering “private and secure access to the web” after confessing that a hacker hacked one of its servers. To begin with, its in-house group of penetration evaluators will now be operating with VerSprite (the cybersecurity firm) to perform intrusion handling, comprehensive penetration testing, and source code evaluation. The company will also assist NordVPN form a self-governing cybersecurity advisory group as a fraction of their long-term association.
In an attempt to find errors before a hacker does again, it is also rolling out a bug bounty project over the coming few weeks. NordVPN also commits to perform a 3rd-party complete independent security probe covering its software, hardware, backend source code, backend architecture, and internal processes in next year.
The firm claims it is planning to develop a network of collocated servers too. It is just presently finishing its infrastructure probe to remove and look for any exploitable errors left by 3rd-party server suppliers. Lastly, NordVPN claims it is planning to replace its complete framework with diskless servers so that nothing will be locally saved. In that manner, even if a hacker seizes a server, they will not get anything in it.
NordVPN confessed the previous week that a bad actor accessed a server it borrowed back in March 2018 from a data center in Finland. That data center detected the infiltrator and eliminated their access without telling the firm, but NordVPN discovered about the event a few months back and concluded its deal with the supplier.
On a related note, DoorDash earlier declared that it suffered a security hack that impacted 4.9 Million consumers. As per the firm, in May 2019, a 3rd-party gained unauthorized access to data belonging to DoorDash consumers comprising delivery drivers, consumers, and vendors who joined the service on or before April last year.