Annie - RH-ISAC - Page 18 of 21 Blog

Vienna, VA (January 25, 2023) – Information security teams have always had to do more with less, but 2023 might be the year when they are able to do more with more. Riding a three-year trend, 70% of CISOs expect their budgets to increase again this year, while 60% also expect more FTEs, according to…

Context On January 19, 2023, Mandiant security researchers published the technical details of malware campaign preparations they’ve reportedly observed since October 2022. Two key points should be noted regarding Mandiant’s assessment: Mandiant has not directly observed exploitation of the vulnerability, or deployment of BOLDMOVE in the wild. Mandiant researchers assess with low confidence that the…

Vienna, VA (January 10, 2023) –The National Retail Federation (NRF) and the Retail & Hospitality Information Sharing and Analysis Center (RH-ISAC) today announced a new collaboration to strengthen their collective efforts to improve cybersecurity within the retail and related consumer-facing sectors. This partnership will bring together RH-ISAC’s expertise in cybersecurity and threat intelligence with the…

On January 4, 2023, Ahn Lab Security Response Center (ASEC) researchers reported the technical details of a new Linux malware written using Shc delivering a cryptocurrency miner. ASEC researchers assess that the campaign is primarily targeting unspecified systems in South Korea. According to ASEC researchers, the malware authenticates through a dictionary attack on Linux SSH…

The Retail and Hospitality Information Sharing and Analysis Center (RH-ISAC) today announced its adoption of the FIRST Standard Definitions and Usage Guidance — Traffic Light Protocol (TLP) Version 2.0 for sharing information within the organization. As of January 4, 2023, all RH-ISAC intelligence reports, community calls, workshops, and briefings will follow TLP 2.0 standards. The intelligence team will discuss…

Vienna, VA (November 16, 2022) – The Retail & Hospitality Information Sharing and Analysis Center (RH-ISAC) announced the results of the 2022 Board of Directors elections today. Rich Agostino, SVP and CISO at Target, and Dave Estlick, VP and CISO at Chipotle, were both re-elected for three-year terms on the board. Brett Cumming, senior director of information security at…

Vienna, VA (November 7, 2022) – The Retail & Hospitality Information Sharing and Analysis Center (RH-ISAC) today released its Holiday Season Cyber Threat Trends report, which examines the threat landscape facing the retail and hospitality sector during the holiday season, typically the busiest time of year for these industries. According to the report, QakBot, Emotet, Agent…

Context On October 4, 2022, DCSO CyTec security researchers reported the technical details of a new backdoor malware targeting Microsoft SQL servers they dubbed “Maggie.” According to researchers, the Maggie backdoor can bruteforce logins to other MSSQL servers and add a new hardcoded backdoor user after bruteforcing administrator logins. Researchers did not investigate if and…

The annual RH-ISAC Cyber Intelligence Summit was held in Plano, Texas on September 20-21, 2022. Summit is the premier event for cybersecurity practitioners in the retail, hospitality, and travel industries. This year’s event had nearly 400 attendees for two days full of presentations and networking. The post-conference report is now available to download. It includes details about…

Vienna, VA (September 29, 2022) – The Retail & Hospitality Information Sharing and Analysis Center (RH-ISAC) today released the first-ever public version of the Retail & Hospitality Intelligence Trends Summary, which analyzes trends in the cyberthreat landscape for the retail, hospitality, and travel sectors. The report sheds light on the top threats and malware families reported…