Annie - RH-ISAC - Page 11 of 21 Blog

Context Ariane Systems self-check-in systems installed at thousands of hotels worldwide are vulnerable to a kiosk mode bypass flaw that could allow access to guests’ personal information and the keys for other rooms, according to a new report form Pentagrid. Community Impact According to Ariane Systems, its self-checkout solutions are currently used by 3,000 hotels in 25 countries,…

Effective online security in ecommerce is crucial not just for protecting against data breaches, but also for building and maintaining trust between businesses and consumers. When customers feel confident that their personal information is safe and secure, they are more likely to engage and establish long-term relationships with brands. On the other hand, a single…

Executive Summary CheckPoint Researchers have released new findings detailing new methodologies to unpack malicious Nullsoft Scriptable Install System (NSIS)-based packages, which have been used in attacks propagating from AgentTesla, Remcos, and XLoader malware. The article also introduces NSIXloader, an NSIS-based crypter, and discusses how to create this tool to automatically unpack these samples for further analysis. Community Threat Assessment…

Executive Summary Cisco Talos has released a report detailing new findings around recent techniques, tactics, and procedures (TTPs) uncovered while investigating brand impersonation email campaigns. In the report, Cisco Talos detailed various novel TTPs used by threat actors to embed brand logos in emails, such as inserting brand-related words into HTML, using base64 encoding, fetching logos from…

On 6 May 2024, Zscaler researchers reported that the prevalent HijackLoader (also known as IDAT Loader) has been updated with new detection and analysis evasion techniques. Context and Technical Details According to Zscaler researchers, “HijackLoader now includes modules to add an exclusion for Windows Defender Antivirus, bypass User Account Control (UAC), evade inline API hooking…

On 1 May 2024, Fortinet researchers published the technical details of a new botnet they dubbed “Goldoon” targeting a high severity vulnerability in D-Link devices Context and Technical Details According to researchers, “If a targeted device is compromised, attackers can gain complete control, enabling them to extract system information, establish communication with a C2 server,…

On 1 May 2024, SentinalOne researchers reported the technical details of an adware campaign leveraging Adload evading Apple XProtect defensive measures to target macOS users. Context and Technical Details In late April 2024, Apple released more than 80 new rules for the XProtect malware signature list. SentinalOne researchers identified a malware campaign mere days later…

Executive Summary Threat actors are taking advantage of GitHub’s search functionalities to deceive users looking for popular repositories into downloading malicious  counterparts that serve malware, according to a new report from Checkmarx. Attackers are utilizing techniques like automated updates and fake stars to boost search rankings and deceive users. Community Threat Assessment The use of malicious GitHub repositories to distribute…

Vienna, VA (April 8, 2024) – The Retail & Hospitality Information Sharing and Analysis Center (RH-ISAC) today announced the cybersecurity solutions providers have recently joined the organization as new Associate Members. These companies will help to support the cybersecurity needs of the consumer-facing sector by sharing their knowledge, insights, and resources with RH-ISAC Core Members….

Vienna, VA (April 4, 2024) – The Retail & Hospitality Information Sharing and Analysis Center (RH-ISAC) announced that Zscaler will be the title sponsor of the RH-ISAC Cyber Intelligence Summit, which takes place in Denver, Colorado on April 9 – 11.    The RH-ISAC Cyber Intelligence Summit is an annual event tailored for strategic leaders and…