eWeek

Clientless SSL VPN Products Open Web Browser Security Hole

In this episode of eSpeaks, Jennifer Margles, Director of Product Management at BMC Software, discusses the transition from traditional job scheduling to the era of the autonomous enterprise. eSpeaks’ ...
Threat Post

Clientless SSL VPNs Break Web Browser Security Models

Clientless SSL VPN products from multiple vendors operate in a way that breaks fundamental browser security mechanisms, according to a warning from the U.S. Computer Emergency Response Team (US-CERT).
Bleeping Computer

Cisco warns of VPN zero-day exploited by ransomware gangs

Cisco is warning of a CVE-2023-20269 zero-day vulnerability in its Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) that is actively exploited by ransomware operations ...
CRN

Cisco: Our VPN Storage Method Doesn't Cause 'Unwarranted Exposure'

Cisco this week acknowledged that its VPN application stores session cookies within system memory, but said the exposure associated with this activity isn't 'unwarranted.' Cisco this week acknowledged ...