Blog

Details continue to emerge regarding the Lapsus$ breach of Okta systems and the impact of the incident on Okta customers and the broader security community. On March 21, 2022, the Lapsus$ cyber threat group posted screenshots on their Telegram channel demonstrating that the group had gained superuser access to Okta systems and access to Okta…

As the Russia-Ukraine conflict continues to evolve, RH-ISAC is releasing regular threat intelligence and analysis as it relates to cybersecurity risks.

Despite automation, machine learning, and all the rest of the state-of-the-art detection technology at our fingertips, attackers still slip through the cracks. You can utilize tools such as website application firewalls and endpoint discovery and response solutions, but one of the most important ways to reduce your risk of being the victim of a ransomware…

With average ransom demands now in the millions, ransomware attacks are a lucrative business. It’s no wonder then that more people are trying to get a piece of the profit, and it’s becoming easier than ever to do it with the rise of ransomware-as-a-service. Just like software-as-a-service businesses provide easy access to software, ransomware-as-a-service businesses…

As travel restrictions ease in 2022, hotel InfoSec departments are preparing for an influx of customers as well as an increase in cyber attacks. Hotels secure a large amount of sensitive customer data and have a broad attack surface, so they are common targets for threat actors. Here are five of the top cyber threats…

According to the 2020 Unit 42 Incident Response and Data Breach Report, remote desktop protocol (RDP) services were the initial attack vector in 50% of ransomware deployment cases. RDP services have been a popular attack vector for years, particularly for use on small enterprises where phishing emails may not be as successful. However, the COVID-19…

Colonial Pipeline. JBS. Kaseya. 2021 was a record year for high-profile, expensive ransomware attacks. In 2022 we can only expect this to continue, as ransomware-as-a-service expands threat actor accessibility to tools, and new double/triple extortion ransomware attacks raise potential profits even higher. Although the retail and hospitality sector has not been hit nearly as hard…

In October 2021, RH-ISAC launched a members-only podcast highlighting best practices in cybersecurity. RH-ISAC is excited to announce our podcast is now moving public in a newly revised format and will be available to members and non-members alike on major podcast platforms. Part of RH-ISAC’s mission is to be a trusted cybersecurity resource for the…

The stakes remained high for retailers this holiday season, with attackers aggressively focusing their attention on the commerce sector – both in the U.S. and abroad. Several factors played into the increase in malicious activity — the surge in online traffic due to pandemic-related restrictions as well as compounding supply chain issues and associated inventory…

As the Russia/Ukraine crisis develops, RH-ISAC is working to provide guidance to the retail and hospitality community concerned with the situation’s impact on their operations. Historically, Russian cyber activities during regional conflict start with massive DDoS attacks against the target states’ communications and civil infrastructure organizations. Other opportunistic attacks such as ransomware and data breaches…