CyberNews Briefs

Gov’t warns on VPN security bug in Cisco, Palo Alto, F5, Pulse software

VPN applications offered by Cisco, Palo Alto, F5 and Pusle are putting users at risk by failing to securely store session cookies, the Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) and Carnegie Mellon’s CERT are warning.

If threat actors can obtain access to a session cookie, they can use it to continue the victim’s session, which will allow them to bypass authentication for applications accessed by the user during the session.

Read more: Gov’t warns on VPN security bug in Cisco, Palo Alto, F5, Pulse software

OODA Analyst

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.