» Threat Intelligence Blog

The stakes remained high for retailers this holiday season, with attackers aggressively focusing their attention on the commerce sector – both in the U.S. and abroad. Several factors played into the increase in malicious activity — the surge in online traffic due to pandemic-related restrictions as well as compounding supply chain issues and associated inventory…

As the Russia/Ukraine crisis develops, RH-ISAC is working to provide guidance to the retail and hospitality community concerned with the situation’s impact on their operations. Historically, Russian cyber activities during regional conflict start with massive DDoS attacks against the target states’ communications and civil infrastructure organizations. Other opportunistic attacks such as ransomware and data breaches…

On Thursday, December 9, Apache published a zero-day vulnerability (CVE-2021-44228). Known as “Log4Shell”, this vulnerability is a critical remote code execution vulnerability in Apache’s Log4j software library, which is of extreme concern to the security community due to its widespread usage and potential for exploitation. This flaw impacts Apache Log4J, versions 2.0 to 2.14.1, a…

Email phishing is the most dominant attack vector for cybercrime and ransomware worldwide. Hackers aren’t sneaking in through some backdoor, instead, they’re strolling in through the front thanks to insecure or misconfigured email systems and a lack of sufficient protocols. But what are the measures businesses need to be putting in place to stop this,…

Between keeping up with your alerts, putting together reports, running through your daily checklists, or whatever else it may be throughout your day, I think one thing we can all agree on is there is never enough time in the day! As I’ve progressed in my career, I’ve tried to become lazier in my work….