April 2023 - RH-ISAC Blog

On April 26, 2023, BitDefender Labs researchers reported the technical details of a new custom malware named BellaCiao they attribute to the Iranian Charming Kitten advanced persistent threat (APT). Context According to the report, “This malware is tailored to suit individual targets and exhibits a higher level of complexity, evidenced by a unique communication approach…

Context On April 25, 2023, BlackBerry threat intelligence researchers released their Global Threat Report for the December 2022-February 2023 period. According to the report, BlackBerry researchers observed up to 12 attacks per minute, new malware sample increases of 50% in prevalence. Key Takeaways Key findings from the report for the retail, hospitality, and travel communities…

This month’s member spotlight is Christopher (Chris) De La Rosa, senior threat intelligence analyst at DICK’S Sporting Goods. During our conversation with Chris, he expanded upon his unconventional path leading to his career in threat intelligence and his day-to-day duties. Keep an eye out for Chris at the upcoming RH-ISAC Summit as he is hoping…

Vienna, VA (April 18, 2023) – The Retail & Hospitality Information Sharing and Analysis Center (RH-ISAC) and the National Association of Corporate Directors (NACD), the authority on boardroom practices representing more than 23,000 board members, have launched a new alliance to promote NACD Accelerate™ to cybersecurity professionals, an educational program for aspiring boardroom leaders and executives…

On April 13, 2023, Cado Labs researchers reported the technical details of a new malware they dubbed “Legion.” Context According to the report, Legion is written in Python and includes credential harvesting and SMTP hijacking capabilities. Researchers reported that the tool is currently being sold on Telegram. Technical Details According to researchers, key features of…