Risk Management Archives - Page 2 of 5 - RH-ISAC Blog

Context Microsoft has shared mitigation measures, which are included below, to block attacks exploiting the flaw, designated CVE-2022-30190, while a patch is being developed. Microsoft‘s entry for CVE-2022-30190 indicates it affects MSDT on all versions of Windows and Windows Server and has detected exploitation in the wild. The remote code execution vulnerability exists when Microsoft Support Diagnostic Tool (MSDT) is called using the…

Security spend for eCommerce companies grows year on year, and according to data researched by BigCommerce, 77% of businesses bought new security tools in the last year, and 69% have added security headcount to their teams. However, is this security being targeted in the right direction? In particular – how much attention do you put…

For many enterprises, zero trust has emerged as the North Star of modern cybersecurity frameworks, designed to help organizations reduce their attack surface and risk by applying principles of least privilege or a “never trust, always verify” approach. Some zero trust-based security controls, like multi-factor authentication (MFA), are designed to add layers of login defense…

As travel restrictions ease in 2022, hotel InfoSec departments are preparing for an influx of customers as well as an increase in cyber attacks. Hotels secure a large amount of sensitive customer data and have a broad attack surface, so they are common targets for threat actors. Here are five of the top cyber threats…

The stakes remained high for retailers this holiday season, with attackers aggressively focusing their attention on the commerce sector – both in the U.S. and abroad. Several factors played into the increase in malicious activity — the surge in online traffic due to pandemic-related restrictions as well as compounding supply chain issues and associated inventory…