Blog

With cybersecurity being a flourishing industry with promising job opportunities, recent college graduates may have their sights set on a career in cyber threat intelligence. The notion that graduates must obtain a degree in computer science, computer programming, or machine learning to land a career in cybersecurity is no longer the case. Many skills developed…

Context On May 16, 2023, ZScaler threat researchers reported the technical details of a new ransomware-as-a-service (RaaS) operation they’ve observed being advertised on dark web forums. ZScaler researchers provided the following key takeaways: CryptNet is a new ransomware-as-a-service that has been advertised in underground forums since at least April 2023 The CryptNet threat group claims…

As a retailer or hospitality professional, we know that it is important to you to ensure that you are securing payment data effectively for your customers and for your business. It is also important for you to have a voice when it comes to the future of securing payment data through the ongoing development of…

Context On May 4, 2023, VulnCheck researchers released a proof-of-concept (POC) exploit for CVE-2023-27350. According to the report, the exploit bypasses current detection options for attacks leveraging the vulnerability. Technical Details According to NIST, CVE-2023-27350 “allows remote attackers to bypass authentication on affected installations of PaperCut NG 22.0.5 (Build 63914). Authentication is not required to…

On April 26, 2023, BitDefender Labs researchers reported the technical details of a new custom malware named BellaCiao they attribute to the Iranian Charming Kitten advanced persistent threat (APT). Context According to the report, “This malware is tailored to suit individual targets and exhibits a higher level of complexity, evidenced by a unique communication approach…

Context On April 25, 2023, BlackBerry threat intelligence researchers released their Global Threat Report for the December 2022-February 2023 period. According to the report, BlackBerry researchers observed up to 12 attacks per minute, new malware sample increases of 50% in prevalence. Key Takeaways Key findings from the report for the retail, hospitality, and travel communities…

This month’s member spotlight is Christopher (Chris) De La Rosa, senior threat intelligence analyst at DICK’S Sporting Goods. During our conversation with Chris, he expanded upon his unconventional path leading to his career in threat intelligence and his day-to-day duties. Keep an eye out for Chris at the upcoming RH-ISAC Summit as he is hoping…

On April 13, 2023, Cado Labs researchers reported the technical details of a new malware they dubbed “Legion.” Context According to the report, Legion is written in Python and includes credential harvesting and SMTP hijacking capabilities. Researchers reported that the tool is currently being sold on Telegram. Technical Details According to researchers, key features of…

As the ISAC for the global retail and hospitality sectors, RH-ISAC will host several in-person events in Europe this quarter to continue to serve companies that have a strong presence in the region, including Nestlé, Ahold Delhaize, Natural &Co, Tesco, and Danone. Additionally, RH-ISAC has programming to serve cybersecurity personnel in the Asia-Pacific market and…

Context On April 11, 2023, 3CX released the initial results of Mandiant’s incident response and investigation into the supply chain attack that compromised 3CXDesktopApp. According to the report, the activity is attributable to the North Korean threat group UNC4736. Technical Details According to Mandiant: “the attacker infected targeted 3CX systems with TAXHAUL (AKA “TxRLoader”) malware….