» Blog

Our first Member Spotlight of 2022 is Noah Kischuk, a security engineer at PetSmart. Noah joined the PetSmart team in October of 2021, after spending two and a half years with a public state organization pulling double-duty as both systems administrator and incident response analyst. Having earned his degree in information technology with a focus…

As RH-ISAC welcomes 2022, we would like to take a moment to reflect on the accomplishments of 2021, made possible only by the dedication and resilience our member community has shown. Despite the challenges thrown at the industry, from the pandemic to major security events like the Log4j vulnerability, our members have continued to come…

RH-ISAC recently partnered with Associate Member SecurityScorecard to produce a report that details the most common vulnerabilities, critical severity issues, and malware strains observed among RH-ISAC member companies. SecurityScorecard is the global leader in cybersecurity ratings, which are used for self-monitoring, third-party risk management, board reporting, and cyber insurance underwriting. SecurityScorecard provides companies with an…

According to a recent study by SecureLink and Ponemon Institute, 51% of organizations have experienced a data breach caused by a third-party. Despite the growing risk third parties pose however, many companies are still not making securing these relationships a priority. The key to effectively mitigating your third-party risk is making it a continuous process,…

On Thursday, December 9, Apache published a zero-day vulnerability (CVE-2021-44228). Known as “Log4Shell”, this vulnerability is a critical remote code execution vulnerability in Apache’s Log4j software library, which is of extreme concern to the security community due to its widespread usage and potential for exploitation. This flaw impacts Apache Log4J, versions 2.0 to 2.14.1, a…