Security Bulletin

Critical security vulnerabilities affect different parts of the Model Context Protocol (MCP) ecosystem, which many organizations are rapidly adopting in order to integrate AI models with external data sources.

The UK's National Crime Agency arrested four people, who some experts believe are connected to the notorious cybercriminal collective known as Scattered Spider.

Introduction Kea's High Availability hook is the recommended solution for high availability operation. The Kea HA hook works by pairing Kea servers (a multi-node solution is also available), in either an active-active or active-passive collaboration...

Introduction In some cases, administrators may want to configure Kea to use the "Shared Lease Database" High Availability method. This method has certain advantages when compared to the HA Hook. The advantages and disadvantages of each method are...

Now it's time to build systems that attackers can't reroute with a phone call.

Cisco Catalyst 8300 earns NetSecOPEN certification for exceptional real-world NGFW and SD-WAN performance under modern enterprise conditions.

Introduction Testing DNS servers, particularly Recursive Servers (Resolvers) involves many variables which need to be taken into account. The best that you can do is to approximate the scenario in which a real production server would find itself. The...

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

Stories about Chinese APTs attacking the US and Canada are plentiful. In a turnabout, researchers found what they believe is a North American entity attacking a Chinese entity, thanks to a mysterious issue in Microsoft Exchange.

[This is a Guest Diary by Sihui Neo, an ISC intern as part of the SANS.edu BACS program]

For browsers, exploitation is out — and getting users to compromise their own systems is in. Improved browser security has forced attackers to adapt their tactics, and they've accepted the challenge.

Introduction This document discusses database connectivity problems, parameters that can be adjusted to make Kea compensate for those problems, and some of the implications of doing so. Scenario Symptoms Often this discussion begins with error...