it-daily.net1 天
Medusa ransomware attacks escalating in 2025
Procedure of the Medusa hackers. The main route of infection for Medusa ransomware is targeted phishing campaigns.
Medusa ransomware is able to disable anti-malware tools, so be on your guard
Operators of the Medusa ransomware are engaging in old-fashioned bring-your-own-vulnerable-driver (BYOD) attacks, bypassing ...
SecurityWeek4 天
Medusa Ransomware Uses Malicious Driver to Disable Security Tools
The Medusa ransomware relies on a malicious Windows driver to disable the security tools running on the infected systems.
WGAL on MSN6 天
Federal authorities issue new warning about dangerous Medusa ransomware
Federal authorities have issued a new warning about a dangerous ransomware scheme that is sweeping across the country. It ...
SecurityWeek1 天
Ransomware Groups Increasingly Adopting EDR Killer Tools
ESET uncovers a link between RansomHub, Play, Medusa, and BianLian ransomware gangs as more groups adopt tools to disable EDR software.
The Hacker News1 天
Hackers Repurpose RansomHub's EDRKillShifter in Medusa, BianLian, and Play Attacks
RansomHub's EDRKillShifter used in 2024 ransomware by Medusa, BianLian, and Play, revealing cross-gang tool sharing.
HHS5 天
Medusa Ransomware Brings Its Own Vulnerable Driver
A Russian-speaking ransomware group has been deploying a malicious Windows PE driver that imitates a legitimate CrowdStrike Falcon driver to bypass endpoint security, researchers warn. See Also: Expel ...