Department of Homeland Security issues security warning for VPN applications — Check Point VPNs not affected
Apr 17, 2019 / Checkpoint
On Friday April 12, The CERT Coordination Center (CERT/CC) with the US Department of Homeland Security (DHS), issued a warning of a newly discovered vulnerability affecting possibly hundreds of Virtual Private Network (VPN) applications. Check Point was one of a small handful to be unaffected by this warning.
The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review CERT/CC Vulnerability Note VU#192371 to get details of the affected VPN applications and the problem of insecure storing of session cookies in memory and/or log files. Organizations face the risk of attackers exploiting this vulnerability to take control of an affected system.
Check Point VPN customers are not affected because of our advanced, market-leading security architecture. Check Point’s IPsec and SSL VPNs offer a number of market-leading capabilities that add safety and convenience for your remote access users, including:
- Threat prevention
- Incident analysis
- Access control
- Data security
- Compliance checking
- Multi-factor authentication
Customers using other VPNs should consult with their vendor. To help you assess your specific situation, we’ve formed a special VPN task force team to discuss your available options, including a quick migration to Check Point technology.
Latest BlogsSee all blog posts
The Fourth Annual March Hackness Phishing Bracket
Mar 2019 / Area1
Contrast Security recognised as the only "VISIONARY" in the GARTNER MAGIC QUADRANT for application security testing for 2019
Apr 2019 / Contrast
Understanding Microsoft's OAuth2 implementation - Part 3: Using Microsoft Graph API
Apr 2019 / Swimlane