Annie - RH-ISAC - Page 2 of 35 Blog

Executive Summary Cisco Talos has uncovered a sophisticated attack campaign exploiting CVE-2024-4577, a critical PHP-CGI remote code execution vulnerability, to compromise organizations in several countries. Attackers deploy Cobalt Strike beacons and use the TaoWu toolkit for post-exploitation activities, leveraging HTTP POST requests for initial access. GreyNoise telemetry indicates that this exploitation is more widespread than initially reported, affecting regions including the United States,…

Executive Summary Microsoft Threat Intelligence has identified a shift in tactics for Silk Typhoon, a Chinese state-sponsored espionage group, to target remote management tools and cloud applications for initial access. The group has now shifted to exploiting unpatched vulnerabilities in IT infrastructure to elevate privileges and move laterally into cloud environments, enabling data exfiltration and…

Account Takeover (ATO) remains a persistent challenge in retail and hospitality, with attackers continuously refining their techniques.  Over the past 18 months, 6.2 million accounts have been compromised – including 55,000 in the last month alone. Despite advancements in security, automated bot-fueled attacks continue to bypass traditional defenses, costing businesses billions in fraud-related losses and…

Executive Summary Kaspersky ICS CERT has identified SalmonSlalom, a sophisticated cyber campaign targeting industrial organizations in the Asia-Pacific (APAC) region. The attack employs a multi-stage payload delivery system, utilizing legitimate Chinese cloud services such as Youdao Cloud Notes and myqcloud for hosting and command-and-control operations. The malware framework delivers FatalRAT, a remote access trojan (RAT),…

VIENNA, VA (February 20, 2025) – The Retail & Hospitality Information Sharing and Analysis Center (RH-ISAC) today announced the appointment of three new regional vice chairs to strengthen its global engagement and member support. Marnie Wilking, VP and CSO at Booking.com, will serve as Vice Chair for the European, Middle East, and Africa region. Dave…