Security Bulletin

1) Run BIND on a server dedicated to DNS only. Reasons include: Minimized risk of impact to DNS services due to other applications consuming server resources (perhaps due to an attack on those services or application error). Conversely, minimized...

Cisco and Indus Action are passionate about ensuring that social protection systems in India effectively serve those who need them most by simplifying school admissions for underserved families, streamlining support for maternal health, and enhancing...

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

Since the last update [ 5], over the past few months I added several enhancements to DShield SIEM and webhoneypot sensor collection that included an update to the interface to help with DShield sensor analysis. I updated the main dashboard to have...

The threats may not be malicious, but they are more than many security teams can handle.

Chinese state-backed threat actors are suspected of posing as Michigan congressman John Moolenaar in a series of spear-phishing attacks.

On the Stormcast, Johannes talked about BASE64 and DNS used by a backdoor.

As Kubernetes becomes the foundation of enterprise infrastructure, the underlying operating system must evolve alongside it.

CVE: CVE-2025-8696 Title: DoS attack against the Stork UI from an unauthenticated user Document version: 2.0 Posting date: 10 September 2025 Program impacted: Stork Versions affected: Stork 1.0.0 -> 2.3.0 Severity: High Exploitable: Remotely...

With multiple persistence mechanisms, the modular malware can brute-force passwords, drop payloads, and communicate over different protocols.

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

Firms cooperating with cybercrime syndicates in Burma and Cambodia face sanctions by the US government and enforcement actions by China, but the scams continue to grow.