Just before the turn of the year, Travelex, the foreign currency exchange service, suspended its online services and took its systems offline after “a software virus was discovered”. They put out the following notice, which is still displayed on their web site 8 days later. A similar notice is shown on their Twitter account. The
US-CERT pushed out an advisory yesterday to warn customers of a potential cyber attack following heightened geopolitical tensions. You will need to review the potential attack framework and the accompanying recommendations listed further down the advisory.
An application used by enterprises is being utilized to deliver malware. Not just any malware though; yes, you guessed it, ransomware! It is likely the same ransomware reported by Cisco Talos in April 2019. It is called REvil, also known as “Sodinokibi.” Sodinokibi attempts to encrypt data in a user’s directory and delete shadow copy backups to