Blog

The RH-ISAC awards are an annual opportunity to honor the individuals and member companies who have gone above and beyond in their commitment to the RH-ISAC community. The recipients of these awards have displayed extraordinary dedication to the culture of sharing and have gone out of their way to assist RH-ISAC in fulfilling our mission…

Mobile apps can serve as a convenient way for your customers to do business with you from their smartphones, but just like criminals can attempt to spoof your domains, they can also spoof your mobile app, even if you don’t have one. Rogue mobile apps are applications that use a trusted brand name to steal…

Context On September 6, 2022, researchers at AT&T Alien Labs reported technical details of a new malware, “Shikitega,” that targets endpoints and internet of things (IoT) devices running Linux operating systems. Once delivered, Shikitega allows actors full remote access to the infected system and installs a cryptominer with persistence. Key takeaways from the report include:…

APIs have become increasingly prevalent in the last few years as companies have begun to focus on digital transformation and migration to the cloud. APIs are a large part of what makes the cloud possible. They’re used to access and manage our cloud resources and connect microservices to build our applications. As developers grew to…

The threat actors behind the BianLian Ransomware are rapidly expanding infrastructure, and it has been observed targeting manufacturing organizations. Context On September 1, 2022, researchers at the cybersecurity firm Redacted published a technical analysis of the BianLian ransomware. In the past month, BianLian has been observed being deployed against numerous sectors, including manufacturing, healthcare, and…

After two years of being virtual due to pandemic-related precautions, RH-ISAC’s Cyber Intelligence Summit is back in person this year! We’ll be in Dallas on September 20-21 to host the premier event for cybersecurity practitioners in the retail, hospitality, and travel industries.  Here are just a few of the many reasons that our members are…

When you think “security awareness,” the first thing that comes to mind is likely the training you provide non-security staff related to persistent threats like phishing. While this type of training will always be important, it is also becoming necessary to augment traditional programs with specialized application security awareness training for your CI/CD-related teams as…

RH-ISAC: What is your background in cybersecurity? Where did you get your training and education? Jordan: My cybersecurity career started with my current company, BigCommerce, about three-and a-half years ago. I was in another role at the same company and was given the opportunity to meet our cybersecurity team to learn more about the field….

Application programming interfaces, or APIs, are software interfaces that allow computer programs to communicate with one another to perform services without needing to know the internal details of how the other system functions. As application development shifts to the cloud, APIs have become indispensable, allowing us to connect microservices and conveniently take advantage of software,…

The new HYPERSCRAPE data extraction tool developed by the Iranian Charming Kitten threat group eases the process of stealing email data from targeted accounts. Context On August 23, 2022, Google Threat Analysis Group (TAG) researchers published a technical analysis of a unique data extraction tool they named “HYPERSCRAPE” used by the Iranian state-backed Charming Kitten…