Cisco has patched Critical vulnerabilities in VPN Firewall and Router products, as well as High risk bugs in SD-WAN products.
Juniper has released an out-of-band security update for a Junos OS vulnerability CVE-2020-1631 in J-Web and web based (HTTP/HTTPS) services.
Organizations that are running Pulse Security VPN devices may still be at risk of being exploited, even if previously patched, according to a new Department of Homeland Security (DHS) advisory. The risk is elevated if an actor previously exploited CVE-2019-11510 and stole AD credentials from the victim organization.
To prepare for possible impacts of Coronavirus Disease 2019 (COVID-19), more organizations are electing to have their employees work remotely from home. With that responsibility, more organizations will need to adopt a heightened level of security to protect themselves from attackers who look to exploit weaknesses in enterprise virtual private networks (VPNs).
Researchers at the CERT Coordination Center (CERT/CC) have released details on a critical Point-to-Point Protocol Daemon (pppd) vulnerability CVE-2020-8597.
The Cybersecurity and Infrastructure Security Agency (CISA) issued a new warning that attackers continue to target unpatched Pulse Secure VPN systems.
Security experts are again warning that advanced persistent threat (APT) actors are exploiting vulnerabilities in multiple Virtual Private Network (VPN) applications.
Hackers are targeting vulnerable VPN products from Pulse Secure and Fortinet that pose risks to enterprise networks.
Researchers from the University of Birmingham have discovered certain banking iOS and Android apps, such as HSBCand the TunnelBear VPN app, are vulnerable to man-in-the-middle (MITM) attacks.