» Annie Blog

Context On August 3, 2022, ZScaler researchers reported the technical details of an adversary in the middle (AiTM) campaign active since at least June 2022. The RH-ISAC team believes, based on timing and nearly identical tactics, techniques, and procedures (TTPs), that this campaign is likely connected to highly similar activity previously reported by Microsoft. Key…

Vienna, VA (June 29, 2022) — The Retail & Hospitality Information Sharing and Analysis Center (RH-ISAC) today announced Ira Winkler as the opening keynote speaker at the RH-ISAC Cyber Intelligence Summit taking place September 20-21, 2022, at the Hilton Dallas/Plano Granite Park in Plano, Texas. Ira serves as the chief security architect for the world’s largest retailer,…

Vienna, VA (June 14, 2022) – The Retail & Hospitality Information Sharing and Analysis Center (RH-ISAC) will host an Emerging Technology Showcase on June 29-30. The event will highlight cutting-edge cybersecurity technologies and demonstrate how these solutions can mitigate cyber threats in the consumer-facing sector. The showcase will feature five sessions: Automating Security Hygiene More…

Vienna, VA (June 6, 2022) – The Retail & Hospitality Information Sharing and Analysis Center (RH-ISAC) today released the Retail & Hospitality Industry Insights Report, which analyzes cybersecurity trends in the consumer-facing sector. The report compares key takeaways from the Verizon Data Breach Investigation Report (DBIR) with RH-ISAC member data to provide additional context that…

Context Microsoft has shared mitigation measures, which are included below, to block attacks exploiting the flaw, designated CVE-2022-30190, while a patch is being developed. Microsoft‘s entry for CVE-2022-30190 indicates it affects MSDT on all versions of Windows and Windows Server and has detected exploitation in the wild. The remote code execution vulnerability exists when Microsoft Support Diagnostic Tool (MSDT) is called using the…