Member Spotlight: Leah Schwartzman

This month’s member spotlight is Leah Schwartzman, Lead Cybersecurity Analyst, CTI at Target. We asked Leah to tell us more about her experiences as a member of the cybersecurity and RH-ISAC communities. How did you end up in the cybersecurity field? Leah: With the shift in consumer behavior and shopping patterns, the line is blurred between…

Read More

Data Security for a Zero-Trust Environment

Based on the pillars discussed in the earlier series posts, nothing changes when approaching data security – we start with knowing what is – at a minimum, organizations need to identify and categorize sensitive, regulated, operationally critical data, etc. Data Labeling and the Categorization of Critical Data Types This process will involve mapping all the…

Read More

Zero-Trust Network Security

The Basics There are some straightforward, yet specific, tool-related recommendations organizations can implement at near zero additional cost to maximize investments already made in their environment. Initially, when folks think about network security for organizations, network appliances like firewalls (FW) come up in conversation. Less commonly discussed is how permissive the FW rules are. Too…

Read More

New Linux Cryptominining Malware Developed with Shc in the Wild

On January 4, 2023, Ahn Lab Security Response Center (ASEC) researchers reported the technical details of a new Linux malware written using Shc delivering a cryptocurrency miner. ASEC researchers assess that the campaign is primarily targeting unspecified systems in South Korea. According to ASEC researchers, the malware authenticates through a dictionary attack on Linux SSH…

Read More

RH-ISAC Adopts TLP 2.0 Standards

The Retail and Hospitality Information Sharing and Analysis Center (RH-ISAC) today announced its adoption of the FIRST Standard Definitions and Usage Guidance — Traffic Light Protocol (TLP) Version 2.0 for sharing information within the organization. As of January 4, 2023, all RH-ISAC intelligence reports, community calls, workshops, and briefings will follow TLP 2.0 standards. The intelligence team will discuss…

Read More