Attackers are already exploiting a severe flaw in Check Point VPN software that lets them bypass authentication entirely, and federal agencies have just days to patch it. The vulnerability, tracked as ...

Attackers are exploiting a newly cataloged flaw in Palo Alto Networks GlobalProtect VPN software to forge authentication cookies and connect to corporate networks without ever entering a password. The ...

At least four Virtual Private Network (VPN) applications sold or made available to enterprise customers share security flaws, warns the Carnegie Mellon University CERT Coordination Center (CERT/CC) ...

A VPN passthrough is most associated with legacy protocols, and if you're experiencing issues with your connection, you ...

Enterprise VPN applications developed by Palo Alto Networks, Pulse Secure, Cisco, and F5 Networks are storing authentication and session cookies insecurely according to a DHS/CISA alert and a ...

A technical breakdown of how a VPN works: packet handling, protocol comparisons, DNS and WebRTC leak vectors, kill switch ...

Security researchers have flagged a coordinated credential-based campaign targeting VPN authentication endpoints from Cisco and Palo Alto Networks. Over just two days in mid-December, attackers ...

For a long time the only way to use Active Directory (AD) for VPN authentication and authorization was to use a RADIUS server such as Cisco ACS that could use AD as an external database. With the ...

This entry is also available as a PDF download. Every time the subject of wireless LAN security comes up, people ask me about VPN as a solution for securing Wi-Fi. (Wi-Fi is the common marketing name ...