Cybersecurity company SonicWall has warned customers that several vulnerabilities impacting its Secure Mobile Access (SMA) ...

SonicWall confirms wild exploitation of CVE-2023-44221 and CVE-2024-38475 in SMA100 devices, risking file access and session ...

"With that, we were able to identify the username and domain of the hijacked session, along with private routes the user was able to access through the SSL VPN," the researchers said. Via ...

The new SSL VPN also provides a single sign-on function designed to minimize the number of times users must log in without compromising security. Other features of the solution include global ...

The vulnerability, tracked as CVE-2024-53704, is a flaw in the SSL VPN authentication mechanism in SonicOS, the operating ...

The product leverages SSL technology that is available in almost any web browser, and unlike traditional VPNs, there is no need for separate client software. The RA-500 series employs full logging ...

Despite security updates being installed, cyber criminals have managed to gain permanent access to FortiGate devices.

Virtual private network (VPN) technology has been a cornerstone of the networking landscape for decades, beginning first with the IPsec protocol then getting a bit easier with SSL-VPN technology.

This allows them to maintain read-only access to the root filesystem through the publicly accessible SSL-VPN web panel even after they're discovered and evicted. "A threat actor used a known ...

On successfully attacked FortiGate devices, they created a symlink (symbolic link) between the user file system and the root file system in a folder for language files of the SSL VPN. The symlink ...