DarkGate and PikaBot Leveraging QakBot TTPs in Phishing Campaign

On November 20, 2023, Cofense researchers published a report on a phishing campaign spreading DarkGate and PikaBot that is leveraging tactics previously used to deploy QakBot. Context: Cofense researchers stated, “This campaign disseminates a high volume of emails to a wide range of industries, and due to the loader capabilities of the malware delivered, targets…


Member Spotlight: Tyler Compton

Tyler Compton, lead information security engineer at Aaron’s, discusses how he began his journey in cybersecurity, what he enjoys about cybersecurity, and the value of the RH-ISAC community. Tell us about yourself and your background. I grew up outside of a little big city in North Georgia called Rome. There are not a ton of…


RH-ISAC Publishes Fraud Galaxy in MISP

On November 2, 2023, the RH-ISAC intelligence and engineering team published the RH-ISAC Fraud Galaxy in the RH-ISAC Malware Intelligence Sharing Platform (MISP) instance for the retail, hospitality, and travel community to leverage. Purpose: The purpose of the RH-ISAC Fraud MISP galaxy is to provide a knowledge base for the numerous fraud types that affect…


Member Spotlight: Alicia Gristmacher

Alicia Gristmacher, manager of cybersecurity compliance operations at Hyatt, discusses how she began her journey in cybersecurity, Hyatt’s commitment to protecting people, and what she enjoys most about the cybersecurity sector. Tell us about yourself and your background. As a manager of cybersecurity compliance operations at Hyatt, I am responsible for the global third-party risk…


GoPIX Infostealer Targeting PIX Payment System in Brazil

Context: On October 24, 2023, Kaspersky researchers released a report on several cyber threats, including the GoPIX infostealer malware campaign, which they assess has been active since December 2022. Technical Details: According to Kaspersky: “GoPIX is a typical clipboard stealer malware that steals PIX “transactions” used to identify payment requests and replaces them with a…
