Annie - RH-ISAC Blog

VIENNA, VA (April 14, 2025) – The Retail & Hospitality Information Sharing and Analysis Center (RH-ISAC) announced its 2025 award winners during the annual membership meeting held on 9 April in St. Louis, Missouri. The awards recognize outstanding companies and individuals who have displayed extraordinary dedication to RH-ISAC’s mission to build a collaborative sharing community…

Context Ivanti has disclosed a critical vulnerability, CVE-2025-22457 (CVSS 9.0), affecting multiple product lines including Connect Secure, Policy Secure, and ZTA Gateways. The flaw, a stack-based buffer overflow, allows unauthenticated remote attackers to execute arbitrary code, and has been actively exploited in the wild. Google’s Mandiant team identified threat activity tied to UNC5221, a China-nexus group, which…

The retail and hospitality industries are facing a surge in cyber threats, with ransomware, phishing campaigns, and impersonation scams among the most pressing risks. In 2024 alone, ransomware accounted for 30% of all reported incidents in these sectors, while phishing attacks targeting customer data increased by 22% year-over-year. These threats not only disrupt operations but…

Context Sekoia researchers have released updates on ClearFake, a malicious JavaScript framework that infects compromised websites to deliver malware through drive-by downloads and social engineering tactics. Initially observed in July 2023, ClearFake utilized fake browser update prompts to trick users into downloading malware. The latest 2025 variant introduces new lures, including fake reCAPTCHA and Cloudflare Turnstile verifications,…

Executive Summary Cybersecurity researchers at SecureList by Kaspersky have uncovered a sophisticated cyber espionage campaign by SideWinder, an Advanced Persistent Threat group targeting hospitality and consulting organizations, among others, across South and Southeast Asia, the Middle East, Europe, and Africa. The group relies on spear-phishing emails containing malicious documents that exploit CVE-2017-11882, a dated but effective Microsoft…