The Hacker News8h
Hackers Repurpose RansomHub's EDRKillShifter in Medusa, BianLian, and Play Attacks
RansomHub's EDRKillShifter used in 2024 ransomware by Medusa, BianLian, and Play, revealing cross-gang tool sharing.
CPO Magazine6d
Over 300 Critical Infrastructure Organizations Hit by Medusa Ransomware Attacks
The FBI, CISA, and MS-ISAC have issued a joint cybersecurity advisory on the Medusa ransomware attacks impacting over 300 ...
SecurityWeek3d
Medusa Ransomware Uses Malicious Driver to Disable Security Tools
The Medusa ransomware relies on a malicious Windows driver to disable the security tools running on the infected systems.
Medusa ransomware using malicious driver as EDR killer
A Medusa ransomware campaign is using a malicious driver to disrupt and even delete endpoint detection and response (EDR) ...
SecurityWeek10h
Ransomware Groups Increasingly Adopting EDR Killer Tools
ESET uncovers a link between RansomHub, Play, Medusa, and BianLian ransomware gangs as more groups adopt tools to disable EDR software.
The Hacker News5d
Medusa Ransomware Uses Malicious Driver to Disable Anti-Malware with Stolen Certificates
Medusa ransomware uses ABYSSWORKER driver with stolen certificates to disable EDR and enable RDP access, risking data ...
The Daily Hodl5d
FBI Issues ‘Medusa’ Alert As Hackers Target Critical Infrastructure, Extort Victims for Cash
The FBI is issuing an alert over an ongoing ransomware campaign known as "Medusa" that's hit hundreds of victims.
Becker's Hospital Review1d
Feds warn healthcare of ‘double extortion’ ransomware threat
The FBI and other federal authorities are warning healthcare organizations to safeguard against a ransomware group targeting the industry. The Medusa ransomware-as-a-service variant has been used to ...
JD Supra6d
Joint Alert Warns of Medusa Ransomware
On March 12, 2025, a joint cybersecurity advisory was issued by the Cybersecurity and Infrastructure Security Agency, the Federal Bureau ...