Login

Register

Login

Register

#cybersecurity | hacker | Travelex recovering from ransomware, but more firms at risk of VPN exploit


Beleaguered foreign currency exchange company Travelex confirmed on Friday that the first of its U.K.-based customer-facing systems were back up and running after the New Year’s Eve discovery of Sodinokibi ransomware on its network prompted a shutdown of key systems.

Meanwhile, a worrisome report revealed that dozens of major U.S. organizations and businesses have also failed to patch the same Pulse Secure VPN server vulnerability through which Travelex was infected, even though the a fix was issued in April 2019. Citing research from Bad Packets Report, the Wall Street Journal today named several of these potentially affected companies, including Purdue Pharma, Revlon and Texas Instruments.

Other companies included a California utility, a border-police force and an appellate court, said Troy Mursch, Bad Packets’ chief research officer, per the WSJ report.

“We have continued to make good progress with our technology recovery. Having already restored some of our internal and order processing systems, we have started to restore customer-facing systems, beginning with the in-store systems that process customer orders electronically. The first of these are now successfully live in the UK,” the Travelex said in an online customer information hub it has set up. “We have decided to take a phased approach to ensure the integrity and security of our systems and therefore certain limitations will be in place as we move towards restoring full functionality across the entire Travelex estate.”

Since Dec. 31, affected Travelex locations have been processing transactions manually while digital and online services were taken offline to prevent further spread of the ransomware. “We have started restoring forex order processing electronically in our UK stores and in some of our UK retail partner locations, and we are also now starting our VAT refund service in UK airports. We are also making good progress on restoring our proprietary UK International Money Transfer Service, which will be available by the end of the month,” the company said.

“Our focus is to ensure the integrity and robustness of the network and therefore Travelex is bringing systems up in a controlled and secure manner,” said Tony D’Souza, CEO of Travelex, in a video one the customer hub side. While making these fixes, the company is also enhancing and upgrading its systems in line with our longer-term technology strategy,” he said at another point in the video.

On Jan. 10, the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) issued an alert warning that unsecured Pulse Secure VPN servers “continue to be an attractive target for malicious actors. Affected organizations that have not applied the software patch to fix a remote code execution (RCE) vulnerability, known as CVE-2019-11510, can become compromised in an attack.”

“Although Pulse Secure disclosed the vulnerability and provided software patches for the various affected products in April 2019, the Cybersecurity and Infrastructure Security Agency (CISA) continues to observe wide exploitation of CVE-2019-11510,” the alert continues. “CISA expects to see continued attacks exploiting unpatched Pulse Secure VPN environments and strongly urges users and administrators to upgrade to the corresponding fixes.”



Original Source link

Leave a Reply

Shqip Shqip አማርኛ አማርኛ العربية العربية English English Français Français Deutsch Deutsch Português Português Русский Русский Español Español

National Cyber Security Consulting App

 https://apps.apple.com/us/app/id1521390354

https://play.google.com/store/apps/details?id=nationalcybersecuritycom.wpapp


NATIONAL CYBER SECURITY RADIO
[spreaker type=player resource="show_id=4560538" width="100%" height="550px" theme="light" playlist="show" playlist-continuous="true" autoplay="false" live-autoplay="false" chapters-image="true" episode-image-position="left" hide-logo="false" hide-likes="false" hide-comments="false" hide-sharing="false" hide-download="true"]
HACKER FOR HIRE MURDERS
 [spreaker type=player resource="show_id=4569966" width="100%" height="350px" theme="light" playlist="show" playlist-continuous="true" autoplay="false" live-autoplay="false" chapters-image="true" episode-image-position="left" hide-logo="false" hide-likes="false" hide-comments="false" hide-sharing="false" hide-download="true"]

ALEXA “OPEN NATIONAL CYBER SECURITY RADIO”

National Cyber Security Radio (Podcast) is now available for Alexa.  If you don't have an Alexa device, you can download the Alexa App for free for Google and Apple devices.   

nationalcybersecurity.com

FREE
VIEW