Retail & Hospitality ISAC and NACD Collaborate to Prepare the Next Generation of Aspiring Boardroom Leaders

Vienna, VA (April 18, 2023) – The Retail & Hospitality Information Sharing and Analysis Center (RH-ISAC) and the National Association of Corporate Directors (NACD), the authority on boardroom practices representing more than 23,000 board members, have launched a new alliance to promote NACD Accelerate™ to cybersecurity professionals, an educational program for aspiring boardroom leaders and executives…

Read More

New Python-Based Malware “Legion” Includes AWS Credential Harvesting and SMTP Hijacking Capabilities

On April 13, 2023, Cado Labs researchers reported the technical details of a new malware they dubbed “Legion.” Context According to the report, Legion is written in Python and includes credential harvesting and SMTP hijacking capabilities. Researchers reported that the tool is currently being sold on Telegram. Technical Details According to researchers, key features of…

Read More

RH-ISAC Offers Events and Programs Around the Globe

As the ISAC for the global retail and hospitality sectors, RH-ISAC will host several in-person events in Europe this quarter to continue to serve companies that have a strong presence in the region, including Nestlé, Ahold Delhaize, Natural &Co, Tesco, and Danone. Additionally, RH-ISAC has programming to serve cybersecurity personnel in the Asia-Pacific market and…

Read More

UPDATE: Mandiant Initial Analysis of 3CXDesktopApp Supply Chain Attack Confirms North Korean Threat Actor

Context On April 11, 2023, 3CX released the initial results of Mandiant’s incident response and investigation into the supply chain attack that compromised 3CXDesktopApp. According to the report, the activity is attributable to the North Korean threat group UNC4736. Technical Details According to Mandiant: “the attacker infected targeted 3CX systems with TAXHAUL (AKA “TxRLoader”) malware….

Read More

New Report Outlines Challenges in CTI for CISOs and Cyber Leaders

Context On April 6, 2023, CSO reported on a research report from ESG on the challenges that face cyber security leaders when making decisions based on cyber threat intelligence. According to the report, “95% of enterprise organizations (those with more than 1,000 employees) have a threat intelligence budget, and 98% plan to increase spending on…

Read More

New “OpcJacker” Malware Includes Infostealing and Crypto Wallet Replacing Capabilities

Context On March 29, 2023, Trend Micro security researchers reported a new malware they named “OpcJacker.” According to the report, OpcJacker includes multiple capabilities such as: Keylogging Taking screenshots Stealing sensitive data from browsers Loading additional modules Replacing cryptocurrency addresses in the clipboard for hijacking purposes Trend Micro researchers assessed that: The primary objective of…

Read More

Ongoing Campaign Hijacking 3CXDesktopApp to Deliver Infostealer

Context On March 29, 2023, multiple cybersecurity firms began reporting that 3CXDesktopApp, a Voice Over Internet Protocol (VOIP) Private Automatic Branch Exchange (PABX) enterprise call routing software, is currently compromised in a supply chain attack. Multiple investigations have reported that an unknown threat actor has trojanized installers for 3CXDesktopApp, to install an information stealing malware….

Read More

Retail & Hospitality ISAC Announces New Partnerships

Vienna, VA (March 30, 2023) – The Retail & Hospitality Information Sharing and Analysis Center (RH-ISAC) today announced that several cybersecurity solutions providers have joined the organization as new Associate Members. These companies will help to support the cybersecurity needs of the consumer-facing sector by providing thought leadership, resources, and expert guidance to RH-ISAC Core Members,…

Read More

FBI IC3 2022 Internet Crime Report Identifies Key BEC and Ransomware Trends

Context On March 27, 2023, the Federal Investigation Bureau released the IC3 2022 Internet Crime Report. The report covers major trends found across complaints investigated by the IC3, which the FBI defines as “an intelligence-driven and threat focused national security organization with both intelligence and law enforcement responsibilities.” Key Takeaways According to the report key…

Read More

Member Spotlight: Jeffrey Davidhizar

This month’s member spotlight is Jeffrey (Jeff) Davidhizar, security analyst at Crutchfield Corporation. We asked Jeff to tell us more about how he transitioned from teaching math to middle and high school students to his career in cybersecurity. Can you introduce yourself? Tell us a little bit about your background and what you do at…

Read More