Fortinet reports active attacks exploiting CVE-2020-12812, a FortiOS SSL VPN flaw that can bypass two-factor authentication in specific LDAP setups.

At least four Virtual Private Network (VPN) applications sold or made available to enterprise customers share security flaws, warns the Carnegie Mellon University CERT Coordination Center (CERT/CC) ...

For a long time the only way to use Active Directory (AD) for VPN authentication and authorization was to use a RADIUS server such as Cisco ACS that could use AD as an external database. With the ...

GreyNoise has identified a coordinated credential-based campaign abusing VPN login portals from Cisco and Palo Alto Networks.

After adding post-quantum encryption (PQE) to all its apps in May, NordVPN now strives for cryptographic agility. Here's why ...

The 25-employee company where I work just recently created an IT department of one (me), even though I have very little IT experience. I've solved some tough IT-ish problems for them, and have shown ...

As the UK’s leading warranty provider and standards setting body for new-build homes,the National House-Building Council (NHBC), requires a network that can be accessed from any location, on any ...

Fortinet has warned customers that threat actors are still actively exploiting a critical FortiOS vulnerability that allows ...

An automated campaign is targeting multiple VPN platforms, with credential-based attacks being observed on Palo Alto Networks ...

This entry is also available as a PDF download. Every time the subject of wireless LAN security comes up, people ask me about VPN as a solution for securing Wi-Fi. (Wi-Fi is the common marketing name ...