Annie - RH-ISAC - Page 9 of 37 Blog

The standards and best practices document provide a high-level overview of the twenty most critical cybersecurity controls hoteliers, online travel agencies (OTAs), and connectivity providers should focus on, particularly highlighting identity and access management (IAM) best practices, which can act as critical barriers for many prevalent fraud operations. Download the document here. The standards and…

VIENNA, VA (November 4, 2024) – The Retail & Hospitality Information Sharing and Analysis Center (RH-ISAC) announced the results of the 2024 Board of Directors elections today. Eli Edelkind, CISO at CAVA, was elected as a new member of the board, and Benjamin Vaughn, CISO at Hyatt Hotels, and Marnie Wilking, CSO at Booking.com, were both re-elected for three-year…

Summary Since October 22, 2024, Microsoft Threat Intelligence has observed recorded activity of the Russian threat actor known as Midnight Blizzard conducting a sophisticated spear-phishing campaign aimed at individuals in various sectors, including government, academia, defense, and non-governmental organizations. This ongoing activity involves sending highly targeted emails, which include a signed Remote Desktop Protocol (RDP) configuration file…

In today’s digital landscape, hotels face increasing cybersecurity risks that can jeopardize guest data and damage brand reputation. Regular penetration testing has become an essential practice for hotels to identify vulnerabilities, ensure compliance, and maintain a strong security posture. This article explores the importance of penetration testing for hotels and guides on implementing an effective…

Summary A significant data breach involving Hot Topic, Torrid, and Box Lunch, advertised by the threat actor Satanic, has reportedly exposed the personal data of 350 million customers, including names, emails, addresses, phone numbers, and birthdates, billions of payment details and loyalty points, including the last 4 digits of customers’ credit cards, card types, hashed…