cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
rslade
Influencer II

Travelex hit

OK, yet another example of a media report that doesn't know what it's talking about.

 

"Software virus"?  That's redundant.  (I am willing to withdraw my objection when somebody shows me a hardware virus.)

 

Given the (minimal) information provided in this report, I strongly suspect ransomware.


............

Other posts: https://community.isc2.org/t5/forums/recentpostspage/user-id/1324864413

This message may or may not be governed by the terms of
http://www.noticebored.com/html/cisspforumfaq.html#Friday or
https://blogs.securiteam.com/index.php/archives/1468
5 Replies
AppDefects
Community Champion

Poor chaps...Tesco averages one major incident a year... 

denbesten
Community Champion


@rslade wrote:

"Software virus"?  That's redundant.

Well, there are human and animal viruses.....

 


I strongly suspect ransomware.

Other reports point to Ransomware too.  Did your kids give you a "smart" crystal ball for Christmas this year?

rslade
Influencer II

> denbesten (Community Champion) posted a new reply in Industry News on 01-03-2020

>   Did your kids give you a "smart" crystal ball for Christmas
> this year?

If they did, I wouldn't connect it to the wifi without changing the default password,
first. I've just been around for a loooooong time. (And I started out researching
malware ...)

====================== (quote inserted randomly by Pegasus Mailer)
rslade@vcn.bc.ca slade@victoria.tc.ca rslade@computercrime.org
Yes, but every time I try to see things your way, I get a headache.
victoria.tc.ca/techrev/rms.htm http://twitter.com/rslade
http://blogs.securiteam.com/index.php/archives/author/p1/
https://is.gd/RotlWB

............

Other posts: https://community.isc2.org/t5/forums/recentpostspage/user-id/1324864413

This message may or may not be governed by the terms of
http://www.noticebored.com/html/cisspforumfaq.html#Friday or
https://blogs.securiteam.com/index.php/archives/1468
Shannon
Community Champion

 

 

This article on Darkreading.com mentions that it might have involved exploitation of a vulnerability in Pulse Secure --- used for VPNs --- being exploited.

 

(The vulnerability was announced last year)

 

 

Shannon D'Cruz,
CISM, CISSP

www.linkedin.com/in/shannondcruz
Carpodiem
Newcomer I

An Oracle WebLogic vulnerability that was patched in April 2019 was used.  Sounds like RansomWare has taken it toll.