Shared Responsibility Model: Security in and of the Cloud

Have you ever been working on a project and missed a deadline or deliverable simply because there was a miscommunication about who would take the lead on getting it done? Divvying up responsibilities can be efficient and effective, but only when both parties have a complete understanding of what they are responsible for. The same…

Read More

FIN7 Actors Steal Millions of Credit Card Records from Numerous Entities via Carbanak Malware

Summary Threat actors aligning to the FIN7 hacking group have maintained a multi-year, large-scale hacking campaign that compromised tens of millions of consumer debit and credit cards. The campaign, operating since 2015, has damaged banks, hospitality entities, card companies, and direct consumers more than an estimated $1,000,000,000 USD by targeting numerous entities in the restaurant,…

Read More

Subdomain Takeovers in the Retail, Hospitality, and Travel Sectors

Recent research from Detectify found a 25% increase in vulnerabilities detected in its customers’ subdomain assets in 2021 than in 2020. Additionally, the study found a 100% increase in the median number of vulnerabilities per domain in 2021 than in 2020. Detectify researchers said that the subdomain attack surface continues to grow, and DNS is…

Read More

The Components of a Holistic SaaS Security Strategy

SaaS Security: A Changing Model of Cybersecurity Businesses today commonly employ hundreds of individual SaaS applications for a variety of specific functions, but the majority of sensitive data is typically entrusted to a small set of foundational enterprise applications. Security leaders are well aware that the transition to SaaS has prompted increased targeting by bad…

Read More

Retail & Hospitality ISAC Announces New Partnerships

Vienna, VA (March 31, 2022) – The Retail & Hospitality Information Sharing and Analysis Center (RH-ISAC) today announced that four new cybersecurity solutions providers have joined the organization as Associate Members. These companies will help to support the cybersecurity needs of the consumer-facing sector by providing thought leadership and expert guidance to RH-ISAC Core Members,…

Read More