The White House is pushing companies to adopt defensive measures after an unprecedented rise in ransomware attacks so far this year, and in April and May in particular. “The bluntly worded open letter followed a string of escalating ransomware attacks that stopped gasoline and jet fuel from flowing up the East Coast and closed off beef
Late last year Travelex, the currency exchange company, suffered a major disruption to its operations after a ransomware attack. I wrote about this story at the time. It now appears a settlement has been reached with the bad actors. A report by The Wall Street Journal suggests that Travelex paid the ransom, to the tune
Threat actors are known to take advantage of bad news. This time they are capitalising on the global Coronavirus outbreak. Here are the Indicators of Compromise (IOCs) that you need to be aware of, courtesy of Talos Intelligence:
Just before the turn of the year, Travelex, the foreign currency exchange service, suspended its online services and took its systems offline after “a software virus was discovered”. They put out the following notice, which is still displayed on their website 8 days later. A similar notice is shown on their Twitter account. The
An application used by enterprises is being utilized to deliver malware. Not just any malware though; yes, you guessed it, ransomware! It is likely the same ransomware reported by Cisco Talos in April 2019. It is called REvil, also known as “Sodinokibi.” Sodinokibi attempts to encrypt data in a user’s directory and delete shadow copy backups to
Ransomware attacks are often seen as just a nuisance when you have a good backup. However, it is a disaster for many businesses when you have no fallback. Remember, ransomware is a monster with two heads. One, it denies you access to your data. Two, what is often not talked about is the fact that an intruder
A massive ransomware attack is under way and has hit major organisations. So far I am aware of the UK being hit particularly badly. It is a ransomware with the ability to propagate with the victim’s help, and this means once a machine is infected the attack does not stop there, it moves laterally by