ZDNet

Some enterprise VPN apps store authentication/session cookies insecurely

At least four Virtual Private Network (VPN) applications sold or made available to enterprise customers share security flaws, warns the Carnegie Mellon University CERT Coordination Center (CERT/CC) ...
Security Boulevard

IP Lookup for Enterprise Authentication: How to Use IP Reputation, VPN/Proxy Detection, and Risk-Based MFA

Learn how IP lookup, reputation checks, VPN detection, and risk-based MFA strengthen enterprise authentication and prevent fraud.
Bleeping Computer

Multiple Enterprise VPN Apps Allow Attackers to Bypass Authentication

Enterprise VPN applications developed by Palo Alto Networks, Pulse Secure, Cisco, and F5 Networks are storing authentication and session cookies insecurely according to a DHS/CISA alert and a ...
Network World

Using your Active Directory for VPN authentication on ASA

For a long time the only way to use Active Directory (AD) for VPN authentication and authorization was to use a RADIUS server such as Cisco ACS that could use AD as an external database. With the ...
Bleeping Computer

Cisco won’t fix authentication bypass zero-day in EoL routers

Cisco says that a new authentication bypass flaw affecting multiple small business VPN routers will not be patched because the devices have reached end-of-life (EoL). This zero-day bug (CVE-2022-20923 ...
ZDNet

Why VPN can't replace Wi-Fi security

This entry is also available as a PDF download. Every time the subject of wireless LAN security comes up, people ask me about VPN as a solution for securing Wi-Fi. (Wi-Fi is the common marketing name ...
Australian Broadcasting Corporation

Give yourself an online privacy check-up and start 2020 securely

Do get a password manager Do clean up your online accounts Don't use public internet without a VPN Avoid most "internet of things" devices First, let's be clear. Most internet services are built to ...