Annie - RH-ISAC - Page 2 of 40 Blog

VIENNA, VA (September 4, 2025) – The Retail & Hospitality Information Sharing and Analysis Center (RH-ISAC) convened leaders from across the retail and hospitality sectors on 27 August 2025 for the Fraud Defense Forum, hosted at Target’s office in Minneapolis. The event brought together some of the world’s largest retailers to strengthen collective efforts in…

Executive Summary A widespread, opportunistic data theft campaign against Salesforce, attributed to the group UNC6395, has expanded in scope beyond initial reports. The attacks leverage compromised OAuth tokens from Salesloft Drift, an AI chat agent, to gain unauthorized access to customer instances of various services, including Salesforce and Google Workspace. Cybersecurity firms Zscaler and Palo Alto Networks have publicly confirmed impact,…

Executive Summary UK-based telecom provider Colt Technology Services has been battling a cyberattack since August 12, 2025, which disrupted several of its support and online platforms for days. Initially described as a “technical issue,” the company later confirmed it was a cyber incident and that customer data was stolen. The WarLock ransomware group has claimed responsibility,…

Executive Summary Since November 2024, IBM X-Force has been tracking QuirkyLoader, a new malware loader actively used to deliver a variety of well-known payloads, including keyloggers and Remote Access Trojans (RATs). This multi-stage infection begins with a malicious email attachment that exploits dynamic-link library (DLL) side-loading to execute a hidden malicious DLL. The loader, consistently written…

VIENNA, VA (August 20, 2025) – The Retail & Hospitality Information Sharing and Analysis Center (RH-ISAC) has officially opened the call for presentations for the 2026 Cybersecurity Summit, taking place 13-15 April 2026 in Austin, Texas. The Summit is the premier event for cybersecurity practitioners across the retail, hospitality, and customer-facing sectors. RH-ISAC is seeking…