• Home
  • Latest
  • Fortune 500
  • Finance
  • Tech
  • Leadership
  • Lifestyle
  • Rankings
  • Multimedia

Trendingnow

1

26 Meta employees accuse Mark Zuckerberg of using AI to target 8,000 layoffs against workers on medical, parental or family leave

2

FedEx CEO says we are in the middle of the biggest supply chain shift he’s seen in 35 years: ‘We are the referendum’

3

He sold his last company to Palantir. Now he's betting $32 million that robots can fix construction's labor crisis

1

26 Meta employees accuse Mark Zuckerberg of using AI to target 8,000 layoffs against workers on medical, parental or family leave

2

FedEx CEO says we are in the middle of the biggest supply chain shift he’s seen in 35 years: ‘We are the referendum’

3

He sold his last company to Palantir. Now he's betting $32 million that robots can fix construction's labor crisis
TechCybersecurity

Homeland Security Says Hackers Could Crack Some Enterprise VPN Apps. Is Your Company at Risk?

By
Alyssa Newcomb
Alyssa Newcomb
Down Arrow Button Icon
By
Alyssa Newcomb
Alyssa Newcomb
Down Arrow Button Icon
April 12, 2019, 5:06 PM ET
Add Fortune on Google for similar content.

VPN apps are supposed to help remote workers securely log onto their company’s servers, but critical vulnerabilities in apps made by at least four companies could be leaving the digital door wide open for hackers to steal corporate secrets.

The nonprofit CERT Coordination Center—which acts as the Internet’s emergency response team—and the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency issued an alert for enterprise VPN apps made by Cisco, Palo Alto Networks, Pulse Secure, and F5 Networks on Friday. The bulletin also warned that more testing will be required to determine if hundreds of other VPN apps are at risk.

These aren’t your run-of-the-mill VPN apps used by citizens to mask their private Internet surfing traffic. The services in question are enterprise solutions that are frequently deployed by corporate IT departments for people who need to work remotely, but also want access to their company’s private data, such as email and internal tools.

The apps appear to be incorrectly storing cookies on a person’s computer, according to the CERT bulletin. While the cookies are designed to help people bypass having to enter their password at every new login screen, they could be dangerous if the wrong person gains access.

A potential worst case scenario could be if a skilled hacker gained access to a person’s private computer through malware—they could then use the improperly stored cookies to log in to the enterprise VPNs, bypassing usual checkpoints where they might otherwise have to enter a password.

Palo Alto Networks has issued a patch for its GlobalProtect app, for both its Windows and Mac users, however the other companies named in the bulletin have not yet issued public responses. Hundreds of other apps could also be affected—but more testing will be required. A “generic configuration” may be the reason why the problem is being spread across companies, according to the bulletin.

Just two enterprise VPN vendors—Check Point Software Technologies and pfSense—were given an all clear in the CERT bulletin.

While it’s important to regularly check for security updates and patches, using two-factor authentication (2FA) as an extra layer of security can help companies ensure there’s no unauthorized access to their accounts, says Kathy Wang, director of security at Gitlab, an open source software development site. “A VPN is one means to an end, but not the only means,” she says.

Setting up 2FA can be as simple as adding an email address or phone number to an account. When you try to log in, the site would then send a unique, one-time code for users to enter, proving their identity.

About the Author
By Alyssa Newcomb
See full bioRight Arrow Button Icon
Add Fortune on Google for similar content.

Latest in Tech

Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025

Most Popular

Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Fortune Secondary Logo
Rankings
  • 100 Best Companies
  • Fortune 500
  • Global 500
  • Fortune 500 Europe
  • Most Powerful Women
  • World's Most Admired Companies
  • See All Rankings
  • Lists Calendar
Sections
  • Finance
  • Fortune Crypto
  • Features
  • Leadership
  • Health
  • Commentary
  • Success
  • Retail
  • Mpw
  • Tech
  • Lifestyle
  • CEO Initiative
  • Asia
  • Politics
  • Conferences
  • Europe
  • Newsletters
  • Personal Finance
  • Environment
  • Magazine
  • Education
Customer Support
  • Frequently Asked Questions
  • Customer Service Portal
  • Privacy Policy
  • Terms Of Use
  • Single Issues For Purchase
  • International Print
Commercial Services
  • Advertising
  • Fortune Brand Studio
  • Fortune Analytics
  • Fortune Conferences
  • Business Development
  • Group Subscriptions
About Us
  • About Us
  • Press Center
  • Work At Fortune
  • Terms And Conditions
  • Site Map
  • About Us
  • Press Center
  • Work At Fortune
  • Terms And Conditions
  • Site Map
  • Facebook icon
  • Twitter icon
  • LinkedIn icon
  • Instagram icon
  • Pinterest icon

Latest in Tech

school
AIEducation
84% of students use AI for homework. Only 3 in 10 schools have rules for it
By Brett DeJager and The ConversationJuly 16, 2026
2 hours ago
Morgan Stanley headquarters building in New York City.
BankingCFO Daily
Morgan Stanley is riding high on the IPO boom with 70% of the top 100 unicorns in its pipeline, CFO says
By Sheryl EstradaJuly 16, 2026
3 hours ago
dario
AIpropaganda
Meta Oversight Board study: AI chatbots may be the most perfect propaganda machine ever invented
By Didi Tang and The Associated PressJuly 16, 2026
3 hours ago
Pascal cofounders Matthew Downey (left) and Ivo Crnkovic-Rubsamen (right) stand side by side against a brick wall.
CryptoVenture Capital
Exclusive: Prediction market startup Pascal raises $9 million to challenge heavyweights Kalshi and Polymarket
By Camila Grigera NaónJuly 16, 2026
3 hours ago
eu
AIGoogle
EU orders Google to share search data with rivals by 2027; search giant complains about ‘unfamiliar companies’ in your grill
By The Associated PressJuly 16, 2026
4 hours ago
Marc Lore smiles
Startups & VentureIPOs
Exclusive: Marc Lore says Wonder is gearing up for an IPO after raising $650 million at a $9 billion valuation
By Lily Mae LazarusJuly 16, 2026
4 hours ago

Most Popular

26 Meta employees accuse Mark Zuckerberg of using AI to target 8,000 layoffs against workers on medical, parental or family leave
Law
26 Meta employees accuse Mark Zuckerberg of using AI to target 8,000 layoffs against workers on medical, parental or family leave
By Barbara Ortutay, Alexandra Olson and The Associated PressJuly 15, 2026
1 day ago
FedEx CEO says we are in the middle of the biggest supply chain shift he’s seen in 35 years: ‘We are the referendum’
C-Suite
FedEx CEO says we are in the middle of the biggest supply chain shift he’s seen in 35 years: ‘We are the referendum’
By Fortune EditorsJuly 15, 2026
1 day ago
He sold his last company to Palantir. Now he's betting $32 million that robots can fix construction's labor crisis
Innovation
He sold his last company to Palantir. Now he's betting $32 million that robots can fix construction's labor crisis
By Lily Mae LazarusJuly 15, 2026
1 day ago
Jamie Dimon understands why people are anti-rich: 'We have, in fact, left the lower-income folks behind' and 'that's kind of annoying'
Economy
Jamie Dimon understands why people are anti-rich: 'We have, in fact, left the lower-income folks behind' and 'that's kind of annoying'
By Eleanor PringleJuly 15, 2026
1 day ago
MacKenzie Scott, Melinda French Gates, and Lauren Sánchez Bezos are rewriting the rules of billionaire giving—one quietly, one strategically, one very publicly
Newsletters
MacKenzie Scott, Melinda French Gates, and Lauren Sánchez Bezos are rewriting the rules of billionaire giving—one quietly, one strategically, one very publicly
By Sydney LakeJuly 14, 2026
2 days ago
Current price of oil as of July 15, 2026
Personal Finance
Current price of oil as of July 15, 2026
By Joseph HostetlerJuly 15, 2026
1 day ago

© 2026 Fortune Media IP Limited. All Rights Reserved. Use of this site constitutes acceptance of our Terms of Use and Privacy Policy | CA Notice at Collection and Privacy Notice | Do Not Sell/Share My Personal Information
FORTUNE is a trademark of Fortune Media IP Limited, registered in the U.S. and other countries. FORTUNE may receive compensation for some links to products and services on this website. Offers may be subject to change without notice.