Blog

On November 20, 2023, Cofense researchers published a report on a phishing campaign spreading DarkGate and Pikabot that is leveraging tactics previously used to deploy QakBot. Context Cofense researchers stated, “This campaign disseminates a high volume of emails to a wide range of industries, and due to the loader capabilities of the malware delivered, targets…

Tyler Compton, lead information security engineer at Aaron’s, discusses how he began his journey in cybersecurity, what he enjoys about cybersecurity, and the value of the RH-ISAC community. Tell us about yourself and your background. I grew up outside of a little big city in North Georgia called Rome. There are not a ton of…

On November 2, 2023, the RH-ISAC intelligence and engineering team published the RH-ISAC Fraud Galaxy in the RH-ISAC Malware Intelligence Sharing Platform (MISP) instance for the retail, hospitality, and travel community to leverage. Purpose The purpose of the RH-ISAC Fraud MISP galaxy is to provide a knowledge base for the numerous fraud types that affect…

Alicia Gristmacher, manager of cybersecurity compliance operations at Hyatt, discusses how she began her journey in cybersecurity, Hyatt’s commitment to protecting people, and what she enjoys most about the cybersecurity sector. Tell us about yourself and your background. As a manager of cybersecurity compliance operations at Hyatt, I am responsible for the global third-party risk…

Context On October 24, 2023, Kaspersky researchers released a report on several cyber threats, including the GoPIX infostealer malware campaign, which they assess has been active since December 2022. Technical Details According to Kaspersky: “GoPIX is a typical clipboard stealer malware that steals PIX “transactions” used to identify payment requests and replaces them with a…

With cyber incidents on the rise, it’s more important than ever to protect data, both professionally and personally. Each October, we celebrate Cybersecurity Awareness Month as a reminder to take proactive steps to safeguard information from cyberattacks. This year is particularly significant as 2023 marks the 20th campaign. Developed by the National Cybersecurity Alliance and…

On October 3, the RH-ISAC recognized the 2023 award winners at the Member Meeting & Celebration Dinner, held in conjunction with the Annual Cyber Intelligence Summit. Each year we honor those member organizations and individuals who went the extra mile to further the RH-ISAC community through their sharing endeavors. Awards are distinguished by two different…

The RH-ISAC Cyber Intelligence Summit in Dallas, Texas, is right around the corner. From October 2 – 4, cybersecurity practitioners in retail and hospitality will meet at RH-ISAC’s largest conference of the year to explore solutions to pressing issues, expand their skillset, and network. This year, we developed an extensive program featuring a range of…

Last holiday season, the headlines were all about the excess supply and glut of inventory that retailers had to sell off quickly to capture revenue amidst tight competition and waning consumer sentiment. While this year has so far presented new macroeconomic pressures — which some argue might be getting worse — retailers have continued to…

Michael Francess is the senior manager of cybersecurity advanced threat and response at Wyndham Hotels & Resorts. We were able to talk with Michael about his fascination with cybersecurity during his youth, role at Wyndham, and how the RH-ISAC community has impacted him. Tell us about yourself and your background. I have been with Wyndham…