» Annie Chambliss Blog

Vienna, VA (June 14, 2022) – The Retail & Hospitality Information Sharing and Analysis Center (RH-ISAC) will host an Emerging Technology Showcase on June 29-30. The event will highlight cutting-edge cybersecurity technologies and demonstrate how these solutions can mitigate cyber threats in the consumer-facing sector. The showcase will feature five sessions: Automating Security Hygiene More…

Vienna, VA (June 6, 2022) – The Retail & Hospitality Information Sharing and Analysis Center (RH-ISAC) today released the Retail & Hospitality Industry Insights Report, which analyzes cybersecurity trends in the consumer-facing sector. The report compares key takeaways from the Verizon Data Breach Investigation Report (DBIR) with RH-ISAC member data to provide additional context that…

Context Microsoft has shared mitigation measures, which are included below, to block attacks exploiting the flaw, designated CVE-2022-30190, while a patch is being developed. Microsoft‘s entry for CVE-2022-30190 indicates it affects MSDT on all versions of Windows and Windows Server and has detected exploitation in the wild. The remote code execution vulnerability exists when Microsoft Support Diagnostic Tool (MSDT) is called using the…

Summary The notable ransomware gang known as Conti has, according to security firm Advanced Intel (AdvIntel), taken its infrastructure offline and shut down its ransomware operations. While public-facing ‘Conti News’ data leak and the ransom negotiation sites are still online, the Tor admin panels used by Conti members to perform negotiations, publish news, and generate…

Context On May 12, 2022, Apache released an advisory regarding a high severity vulnerability in Apache Tomcat. The vulnerability, designated CVE-2022-25762, affects Tomcat versions 9.0.0.M1 to 9.0.2o and 8.5.0 to 8.5.75. Apache advises users to upgrade to 9.0.21 or later or 8.5.76 or later to mitigate the vulnerability. A May 16, 2022 advisory from CISA…