Palo Alto Networks is adding an SSL VPN gateway and traffic shaping to its firewalls, offering businesses another opportunity to reduce the number of devices they buy and maintain.

CERT also found that Palo Alto Networks GlobalProtect Agent 4.1.0 for Windows and GlobalProtect Agent 4.1.10 and earlier for macOS0 store the session cookie incorrectly in both memory and log files.

Researchers with cybersecurity firm Randori have discovered a remote code execution vulnerability in Palo Alto Networks firewalls using the GlobalProtect Portal VPN. The zero-day -- which has a ...

However, Uber said the Palo Alto SSL VPN was not the primary VPN in use by the majority of staff members, and the software was hosted in AWS rather than embedded within core infrastructure and so ...

Palo Alto Networks has observed that GlobalProtect, its virtual private network (VPN) software, was leveraged to deliver a new variant of the WikiLoader loader malware. In a report published on ...

Specifically, Palo Alto Networks Windows, version 4.1.0, and macOS, version 4.1.10 and earlier, GlobalProtect endpoint agents store the cookie insecurely in log files and in memory, as does Pulse ...

VPN packages from Cisco, Palo Alto, F5 and Pulse may improperly secure tokens and cookies, allowing nefarious actors an opening to invade and take control over an end user’s system.

Palo Alto said that a fix was pushed out in a software update, but enterprises can also switch off SAML — a way of letting a user log in to the network — to mitigate the flaw.