Security Bulletin

eSIMs around the world may be fundamentally vulnerable to physical and network attacks because of a 6-year-old Oracle vulnerability in technology that underlies billions of cards.

Customers were the first to notice the disruption on the distributor's website when they couldn't place orders online.

Critical security vulnerabilities affect different parts of the Model Context Protocol (MCP) ecosystem, which many organizations are rapidly adopting in order to integrate AI models with external data sources.

The UK's National Crime Agency arrested four people, who some experts believe are connected to the notorious cybercriminal collective known as Scattered Spider.

Introduction Kea's High Availability hook is the recommended solution for high availability operation. The Kea HA hook works by pairing Kea servers (a multi-node solution is also available), in either an active-active or active-passive collaboration...

Introduction In some cases, administrators may want to configure Kea to use the "Shared Lease Database" High Availability method. This method has certain advantages when compared to the HA Hook. The advantages and disadvantages of each method are...

Now it's time to build systems that attackers can't reroute with a phone call.

Cisco Catalyst 8300 earns NetSecOPEN certification for exceptional real-world NGFW and SD-WAN performance under modern enterprise conditions.

Introduction Testing DNS servers, particularly Recursive Servers (Resolvers) involves many variables which need to be taken into account. The best that you can do is to approximate the scenario in which a real production server would find itself. The...

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

Stories about Chinese APTs attacking the US and Canada are plentiful. In a turnabout, researchers found what they believe is a North American entity attacking a Chinese entity, thanks to a mysterious issue in Microsoft Exchange.

[This is a Guest Diary by Sihui Neo, an ISC intern as part of the SANS.edu BACS program]