Okta Breach Update and Analysis

Details continue to emerge regarding the Lapsus$ breach of Okta systems and the impact of the incident on Okta customers and the broader security community. On March 21, 2022, the Lapsus$ cyber threat group posted screenshots on their Telegram channel demonstrating that the group had gained superuser access to Okta systems and access to Okta…

Read More

We Blocked Big Bots…and Our Data Doesn’t Lie

The stakes remained high for retailers this holiday season, with attackers aggressively focusing their attention on the commerce sector – both in the U.S. and abroad. Several factors played into the increase in malicious activity — the surge in online traffic due to pandemic-related restrictions as well as compounding supply chain issues and associated inventory…

Read More

Potential Cyber Ramifications of the Russia-Ukraine Crisis

As the Russia/Ukraine crisis develops, RH-ISAC is working to provide guidance to the retail and hospitality community concerned with the situation’s impact on their operations. Historically, Russian cyber activities during regional conflict start with massive DDoS attacks against the target states’ communications and civil infrastructure organizations. Other opportunistic attacks such as ransomware and data breaches…

Read More

RH-ISAC Community Responds to Log4j Vulnerability

On Thursday, December 9, Apache published a zero-day vulnerability (CVE-2021-44228). Known as “Log4Shell”, this vulnerability is a critical remote code execution vulnerability in Apache’s Log4j software library, which is of extreme concern to the security community due to its widespread usage and potential for exploitation. This flaw impacts Apache Log4J, versions 2.0 to 2.14.1, a…

Read More