Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
rslade
Influencer II
‎01-03-2020 02:37 PM
‎01-03-2020 02:37 PM

Travelex hit

OK, yet another example of a media report that doesn't know what it's talking about.

 

"Software virus"?  That's redundant.  (I am willing to withdraw my objection when somebody shows me a hardware virus.)

 

Given the (minimal) information provided in this report, I strongly suspect ransomware.


............

Other posts: https://community.isc2.org/t5/forums/recentpostspage/user-id/1324864413

This message may or may not be governed by the terms of
http://www.noticebored.com/html/cisspforumfaq.html#Friday or
https://blogs.securiteam.com/index.php/archives/1468
Reply
0 Kudos
5 Replies
AppDefects
Community Champion
‎01-03-2020 02:48 PM
‎01-03-2020 02:48 PM

Poor chaps...Tesco averages one major incident a year... 

Reply
0 Kudos
denbesten
Community Champion
‎01-03-2020 04:12 PM
‎01-03-2020 04:12 PM

@rslade wrote:

"Software virus"?  That's redundant.

Well, there are human and animal viruses.....

 

I strongly suspect ransomware.

Other reports point to Ransomware too.  Did your kids give you a "smart" crystal ball for Christmas this year?

Reply
0 Kudos
rslade
Influencer II
‎01-04-2020 01:13 PM
‎01-04-2020 01:13 PM

> denbesten (Community Champion) posted a new reply in Industry News on 01-03-2020

>   Did your kids give you a "smart" crystal ball for Christmas
> this year?

If they did, I wouldn't connect it to the wifi without changing the default password,
first. I've just been around for a loooooong time. (And I started out researching
malware ...)

====================== (quote inserted randomly by Pegasus Mailer)
rslade@vcn.bc.ca slade@victoria.tc.ca rslade@computercrime.org
Yes, but every time I try to see things your way, I get a headache.
victoria.tc.ca/techrev/rms.htm http://twitter.com/rslade
http://blogs.securiteam.com/index.php/archives/author/p1/
https://is.gd/RotlWB

............

Other posts: https://community.isc2.org/t5/forums/recentpostspage/user-id/1324864413

This message may or may not be governed by the terms of
http://www.noticebored.com/html/cisspforumfaq.html#Friday or
https://blogs.securiteam.com/index.php/archives/1468
Reply
0 Kudos
Shannon
Community Champion
‎01-07-2020 11:41 PM
‎01-07-2020 11:41 PM

 

 

This article on Darkreading.com mentions that it might have involved exploitation of a vulnerability in Pulse Secure --- used for VPNs --- being exploited.

 

(The vulnerability was announced last year)

 

 

Shannon D'Cruz,
CISM, CISSP

www.linkedin.com/in/shannondcruz
Reply
0 Kudos
Carpodiem
Newcomer I
‎01-08-2020 06:12 AM
‎01-08-2020 06:12 AM

An Oracle WebLogic vulnerability that was patched in April 2019 was used.  Sounds like RansomWare has taken it toll.

 

Reply
0 Kudos