Details continue to emerge regarding the Lapsus$ breach of Okta systems and the impact of the incident on Okta customers and the broader security community. On March 21, 2022, the Lapsus$ cyber threat group posted screenshots on their Telegram channel demonstrating that the group had gained superuser access to Okta systems and access to Okta…
Read More
In a year that tested our resolve, the RH-ISAC community was resilient. The COVID-19 pandemic altered business-as-usual operations, changing the ways consumers shop and travel, and how employees work. Many of our members were forced to reduce staff and contractors, financially de-prioritize large capital and long-term projects, and delay initiatives that would have contributed to…
Read More
If there’s one thing that never changes in cybersecurity, it’s this: threat actors will always look for the path of least resistance to gain access to a victim’s network. While companies that collect and maintain personally identifiable information (PII) or protected health information (PHI) are often the preferred targets of threat actors, attackers will target…
Read More
This blog is part of the RH-ISAC holiday guidance blog series. For more blogs in this series, visit https://rhisac.org/blog/. As we enter the holiday season, malicious actors ramp up their attacks, seeking to take advantage of the increase in traffic to both digital and brick-and-mortar retailers and hospitality organizations. Attackers tend to be opportunistic: targeted, specific…
Read More
