Member Spotlight: Leah Schwartzman

This month’s member spotlight is Leah Schwartzman, lead cybersecurity analyst, CTI at Target. We asked Leah to tell us more about her experiences as a member of the cybersecurity and RH-ISAC communities. How did you end up in the cybersecurity field? Leah: With the shift in consumer behavior and shopping patterns, the line is blurred between…

Read More

Data Security for a Zero-Trust Environment

Based on the pillars discussed in the earlier series posts, nothing changes when approaching data security – we start with knowing what is – at a minimum, organizations need to identify and categorize sensitive, regulated, operationally critical data, etc. Data Labeling and the Categorization of Critical Data Types This process will involve mapping all the…

Read More

Retail & Hospitality ISAC and National Retail Federation Partner to Enhance Cybersecurity in the Retail Industry

Vienna, VA (January 10, 2023) –The National Retail Federation (NRF) and the Retail & Hospitality Information Sharing and Analysis Center (RH-ISAC) today announced a new collaboration to strengthen their collective efforts to improve cybersecurity within the retail and related consumer-facing sectors. This partnership will bring together RH-ISAC’s expertise in cybersecurity and threat intelligence with the…

Read More

Zero-Trust Network Security

The Basics There are some straightforward, yet specific, tool-related recommendations organizations can implement at near zero additional cost to maximize investments already made in their environment. Initially, when folks think about network security for organizations, network appliances like firewalls (FW) come up in conversation. Less commonly discussed is how permissive the FW rules are. Too…

Read More

New Linux Cryptominining Malware Developed with Shc in the Wild

On January 4, 2023, Ahn Lab Security Response Center (ASEC) researchers reported the technical details of a new Linux malware written using Shc delivering a cryptocurrency miner. ASEC researchers assess that the campaign is primarily targeting unspecified systems in South Korea. According to ASEC researchers, the malware authenticates through a dictionary attack on Linux SSH…

Read More