Blog - RH-ISAC

RH-ISAC’s Cyber Intelligence Summit, taking place this year in Dallas, TX, on September 20-21, is the premier event for cybersecurity practitioners in the retail, hospitality, and travel industries. The two-day conference features keynote speakers, breakout sessions for peer-to-peer learning, and plenty of opportunities for networking during nightly happy hours and dinners. This year’s agenda was…

The SEABORGIUM phishing operation targets organizations with a connection to Russian interests leveraging three different open-source phishing kits, the most prevalent of which has been observed in recently reported phishing attacks. Context On August 15, 2022, Microsoft Threat Intelligence Center (MSTIC) researchers disclosed details of a phishing and cyberespionage operation that they disrupted in partnership…

Whether you’ve developed an application in-house or are simply using software-as-a-service apps, it is beneficial to know the standards that govern application security so you can ensure that you do not accidentally end up out of compliance with them, which in addition to potentially being a regulatory liability, would put you at risk of a…

Application Programming Interfaces (APIs) are a type of software interface that allows services to communicate with one another to leverage each other’s data and functionality without needing to see everything that is on the other end. They enable applications to talk to one another, such as when you use your Facebook account to login to…

Context On August 4, 2022, Cisco Talos Intelligence researchers reported new technical details of a tool called “Dark Utilities” that provides a full suite of command-and-control (C2) capabilities for threat actors. The tool, which was released in early 2022, is advertised by creators as enabling remote access, command execution, distributed denial-of-service (DDoS) attacks, and cryptomining…