What: RH-ISAC has released its monthly trade association briefing. In June 2024, third-party breaches and supply chain vulnerabilities were major threats in the retail and hospitality sectors, with significant vulnerabilities found in GitLab, MOVEit, CDK, and Snowflake.

Why it is important: Understanding these primary threats and vulnerabilities helps organizations prepare for potential cyberattacks and ensure business continuity. Timely updates and mitigations are crucial to protect against known vulnerabilities and minimize exposure to cyber threats. Monitoring trends and identifying active threat actors enable organizations to prioritize their defensive strategies effectively.

For June 2024, third-party breaches and supply chain vulnerabilities were significant threats in the retail and hospitality sectors. Key vulnerabilities were identified in GitLab, MOVEit, CDK, and Snowflake, with the RH-ISAC Intelligence Team recommending updates and technological tools for managing them. Trends showed a shift in TTPs, with Carbanak, FIN8, and Black Basta emerging as top threat actors. Understanding these threats and implementing recommended mitigations is vital for maintaining robust cybersecurity defenses.

July 2024: Monthly Trade Association Briefing