An Interest In:
Web News this Week
- March 29, 2024
- March 28, 2024
- March 27, 2024
- March 26, 2024
- March 25, 2024
- March 24, 2024
- March 23, 2024
April 12, 2019 06:03 pm
Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/Vmx6Sr8PG3Y/some-enterprise-vpn-apps-store-authenticationsession-cookies-insecurely
Some Enterprise VPN Apps Store Authentication/Session Cookies Insecurely
At least four Virtual Private Network (VPN) applications sold or made available to enterprise customers share security flaws, warns the Carnegie Mellon University CERT Coordination Center (CERT/CC) and the Department of Homeland Security's Computer Emergency Response Center (US-CERT). From a report: VPN apps from Cisco, F5 Networks, Palo Alto Networks, and Pulse Secure are impacted, CERT/CC analyst Madison Oliver said in a security alert published earlier today, echoed by the DHS' US-CERT. All four have been confirmed to store authentication and/or session cookies in an non-encrypted form inside a computer's memory or log files saved on disk.Read more of this story at Slashdot.
Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/Vmx6Sr8PG3Y/some-enterprise-vpn-apps-store-authenticationsession-cookies-insecurely
Share this article:
Tweet
View Full Article
Slashdot
Slashdot was originally created in September of 1997 by Rob "CmdrTaco" Malda. Today it is owned by Geeknet, Inc..More About this Source Visit Slashdot