Retail & Hospitality ISAC Announces New Partnerships

Vienna, VA (March 31, 2022) – The Retail & Hospitality Information Sharing and Analysis Center (RH-ISAC) today announced that four new cybersecurity solutions providers have joined the organization as Associate Members. These companies will help to support the cybersecurity needs of the consumer-facing sector by providing thought leadership and expert guidance to RH-ISAC Core Members,…

Read More

Retail & Hospitality ISAC Threat Researchers Confirm Validity of Spring Framework RCE Vulnerability

Vienna, VA (March 30, 2022) – Retail & Hospitality Information Sharing and Analysis Center (RH-ISAC) threat researchers investigated a proof-of-concept (POC) for the RCE vulnerability in the Spring framework that was reported on March 29, 2022. The RH-ISAC researchers were able to obtain a copy of the code repository that contained the POC and test…

Read More

Alleged RCE Vulnerability Discovered in Spring Framework

Updates: April 5, 2022, 12 p.m. ET The “Spring4Shell” RCE (CVE-2022-22965) has been added to CISA’s list of known exploited vulnerabilities. Due to the conditions required to exploit the vulnerability, security researchers are beginning to form a consensus that, while serious, Spring4Shell is not as critical or dangerous as the Log4Shell vulnerability. The conditions for…

Read More

7 Ways to Prevent Ransomware Attacks

With ransomware demands in the millions, companies are beginning to prioritize investment in their ransomware resilience strategy to avoid the severe financial, operational, and reputational costs of being the victim of an attack. In fact, ransomware planning ranked as the top initiative for retail and hospitality CISOs in RH-ISAC’s recent 2021 CISO Benchmark Report, but…

Read More

5 Challenges for Hybrid Cloud Security

Businesses interested in scaling up operations are turning to hybrid cloud environments as a cost-effective solution. Hybrid clouds provide the best of both worlds, allowing companies to expand their network without investing in additional, costly on-premises servers that must be maintained. Instead, they can keep their highly sensitive data securely stored on premises where they…

Read More