Blog - RH-ISAC

RH-ISAC recently partnered with Associate Member SecurityScorecard to produce a report that details the most common vulnerabilities, critical severity issues, and malware strains observed among RH-ISAC member companies. SecurityScorecard is the global leader in cybersecurity ratings, which are used for self-monitoring, third-party risk management, board reporting, and cyber insurance underwriting. SecurityScorecard provides companies with an…

According to a recent study by SecureLink and Ponemon Institute, 51% of organizations have experienced a data breach caused by a third-party. Despite the growing risk third parties pose however, many companies are still not making securing these relationships a priority. The key to effectively mitigating your third-party risk is making it a continuous process,…

On Thursday, December 9, Apache published a zero-day vulnerability (CVE-2021-44228). Known as “Log4Shell”, this vulnerability is a critical remote code execution vulnerability in Apache’s Log4j software library, which is of extreme concern to the security community due to its widespread usage and potential for exploitation. This flaw impacts Apache Log4J, versions 2.0 to 2.14.1, a…

This month’s member spotlight is someone new to RH-ISAC and new to the cybersecurity field, but he has hit the ground running, quickly becoming an active participant on our sharing channels. Today we’re featuring Tim Karns, junior security analyst at Masonite, one of the leading manufacturers of interior and exterior doors for residential and architectural…

According to the Cyber Readiness Institute, 63% of data breaches result from weak or stolen passwords. Putting a strong password policy in place is one of those first lines of defense that sounds so easy, but can realistically be hard to implement, as it depends on the cooperation of all the employees in your organization….