Security Bulletin

In 2024, it was Snowflake. In 2025, it's Salesforce. ShinyHunters is back, with low-tech hacks that nonetheless manage to bring down international megaliths like Google, Cisco, and Adidas.

Decommissioned as of September 30, 2017 Introduction DLV (DNSSEC Look-aside Validation) was an extension to the DNSSECbis protocol. It was designed as a transition mechanism to assist in early DNSSEC adoption by allowing DNSSEC signing and validation...

With informed decision-making, organizations can strengthen their overall resilience and maintain the agility needed to adapt to emerging threats, without sacrificing innovation or productivity.

The fashion house is added to a list of other companies that have been impacted by similar breaches, including Tiffany & Co. and Louis Vuitton.

A Nemzetbiztonsági Szakszolgálat Nemzeti Kibervédelmi Intézet (NBSZ NKI) tájékoztatót ad ki a SonicWall 7. generációs tűzfalakat érintő kibertámadás-hullámról, amely során támadók biztonsági réseken keresztül hatoltak be vállalati hálózatokba, többek...

Explore a network-layer throttling mechanism to improve the resiliency of Cloud VPNs IKE servers, which are typically subject to IKE flood attacks.

When we think of artificial intelligence (AI), it’s easy to picture high-tech labs, software giants, and headlines about algorithms changing the world. However, AI is already touching lives in deeply human ways—helping farmers protect their harvests...

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

As autonomous vehicles continue to evolve, new research highlights the importance of rigorous security testing to protect against both intentional attacks and unintentional unsafe commands in teleoperation systems.

[This is a Guest Diary by Duncan Woosley, an ISC intern as part of the SANS.edu BACS program]

Secrets managers hold all the keys to an enterprise's kingdom. Two popular ones had longstanding, critical, unauthenticated RCE vulnerabilities.

Views from an insider on the changes arriving in the CCNP Automation Certification.