» Annie Chambliss Blog

Context Car dealership software-as-a-service provider (SaaS) CDK Global has been impacted by a large-scale cyberattack, causing the company to shut down a portion of its systems and leaving clients unable to operate their businesses normally. Community Impact The outage and restoration of CDK Global services impacts a portion of the RH-ISAC Core Membership and is notable due to…

Vienna, VA (June 20, 2024) – The Retail & Hospitality Information Sharing and Analysis Center (RH-ISAC) announces their new critical provider program in partnership with Google Cloud Security, Microsoft, Palo Alto Networks, and Akamai as tier three associate members. These companies will be supporting RH-ISAC, its board of directors, and Core Membership as strategic partners dedicated…

Context A new PHP for Windows remote code execution (RCE) vulnerability has been disclosed, impacting all releases since version 5.x, potentially impacting a massive number of servers worldwide. The new RCE flaw, tracked as CVE-2024-4577, was discovered by Devcore Principal Security Researchers on 7 May 2024, who reported it to the PHP developers. PHP project maintainers released a…

Context Ariane Systems self-check-in systems installed at thousands of hotels worldwide are vulnerable to a kiosk mode bypass flaw that could allow access to guests’ personal information and the keys for other rooms, according to a new report form Pentagrid. Community Impact According to Ariane Systems, its self-checkout solutions are currently used by 3,000 hotels in 25 countries,…

Effective online security in ecommerce is crucial not just for protecting against data breaches, but also for building and maintaining trust between businesses and consumers. When customers feel confident that their personal information is safe and secure, they are more likely to engage and establish long-term relationships with brands. On the other hand, a single…