Github logo
Threat Intelligence

Checkmarx Researchers Detail Novel Python GitHub Attack Affecting Over 170K Users

Posted on March 25, 2024

By Bradford Regeski, Cyber Threat Intelligence Analyst

Executive Summary The Checkmarx Research team has reported a sophisticated campaign which is targeting software supply chains and resulting in successful exploitation of multiple GitHub users. Key targets included the Top.gg GitHub organization, which claims to have over 170,000 users, and individual developers on the code publishing platform. The attackers employed various novel tactics, including account takeover via…

Read More
Hands typing on keyboard
Threat Intelligence

Chinese Threat Group UNC5274 Reportedly Exploiting F5 BIG-IP and ScreenConnect CVEs for Active Exploitation

Posted on March 22, 2024

By Lee Clark, RH-ISAC Cyber Threat Intelligence Production Manager

On March 21, 2023, Mandiant researchers reported their latest technical details detailing a campaign exploiting critical vulnerabilities in F5 BIG-IP and ScreenConnect, which they attribute to the Chinese state-sponsored actor known as UNC5174. Community Impact Assessment Due to the widespread use of F5 BIG-IP and ScreenConnect across global regions and industries, the RH-ISAC intelligence team…

Read More
Cold fusion logo
Threat Intelligence

TeamT5 Releases Latest Developments on Active Exploitation of Adobe ColdFusion Vulnerability

Posted on March 21, 2024

By Bradford Regeski, Cyber Threat Intelligence Analyst

Executive Summary Security researchers from TeamT5 have released their latest findings detailing CVE-2023-29300, a JAVA deserialization vulnerability resulting in arbitrary code execution. At least 66 devices in Japan have already been compromised via CVE-2023-29300, affecting various sectors such as healthcare, education, and manufacturing. Threat actors, including cyber-criminals and state-sponsored groups such as China-nexus APT group SLIME13 (known as Flax…

Read More
Threat Intelligence

Phishing Campaign Leveraging Microsoft Office Templates to Deliver NetSupportRAT to US-Based Organizations

Posted on March 20, 2024

By Lee Clark, RH-ISAC Cyber Threat Intelligence Production Manager

On March 18, 2024, Perception Point researchers published the technical details of a phishing campaign leveraging Microsoft Office document templates for execution and obfuscation to deliver NetSupportRAT to corporate targets based in the United States. Community Impact According to the most recent RH-ISAC Intelligence Trends Summary, Microsoft-related phishing reporting fell slightly, remains a top threat…

Read More
Summit 2024
Press Release

Keynote Speakers and Agenda Confirmed for 2024 Retail and Hospitality ISAC Cyber Intelligence Summit

Posted on March 14, 2024

By Annie Chambliss, RH-ISAC Director of Marketing and Communications

VIENNA, VA (March 14, 2024) – The Retail and Hospitality Information Sharing and Analysis Center (RH-ISAC)  announced that Rich Agostino, senior vice president and CISO at Target, Jayson E. Street, renowned social engineering expert, and Andy Greenberg, senior writer for WIRED, will be keynote speakers at the 2024 RH-ISAC Cyber Intelligence Summit. The annual event…

Read More