COVID-19 Phishing Campaigns

The cyberthreats following in the wake of the COVID-19 pandemic are not substantively different from the threats that security professionals have dealt with during other national or global calamities like the Indian Ocean tsunami, Amazon fires, floods, and hurricanes. Sophisticated cybercriminal, state-sponsored threat actors, and hacktivists have always taken advantage of widespread anxieties in times…

Read More

Biggest Holiday Risk Factors

This blog is part of the RH-ISAC holiday guidance blog series. For more blogs in this series, visit https://rhisac.org/blog/. As we enter the holiday season, malicious actors ramp up their attacks, seeking to take advantage of the increase in traffic to both digital and brick-and-mortar retailers and hospitality organizations. Attackers tend to be opportunistic: targeted, specific…

Read More

Third-Party Risks Abound in the Digital World

RH-ISAC’s VP of Intelligence, Carlos Kizzee is featured in an article on Hospitality Tech. The below is an excerpt from the article. For the full post, visit: https://hospitalitytech.com/third-party-risks-abound-digital-world Today’s retail and hospitality world is increasingly interconnected, and customers expect to shop in the digital marketplace with minimal friction. Third-party systems are a critical component of…

Read More

Progress in the Global Fight against Fake Emails

Valimail has been doing rigorous analysis on the data behind email frauds since the company’s earliest days. And we’ve been publishing research reports based on that deep insight for several years. Valimail’s research program now sets the industry standard for reliable, hype-free data on the state of email fraud, email authentication, and identity-based email attacks….

Read More

Credential Harvesting

Numerous attack campaigns in the past couple of months have demonstrated a common tactic used by cybercriminals and state-sponsored attackers alike―credential harvesting. According to the Verizon 2017 Data Breach Investigation Report, 81% of hacking-related breaches leverage either stolen, default or weak credentials. While credential harvesting is often seen as equivalent to phishing, it uses different…

Read More