Medusa ransomware
-
Microsoft links Medusa ransomware affiliate to rapid zero-day attacks
Microsoft said Storm-1175 has used n-day and zero-day flaws in rapid Medusa ransomware attacks, sometimes within 24 hours of initial access, and has hit healthcare, education, finance and other sectors.
-
Lazarus Group uses Medusa ransomware in Middle East attack
A technical report by Broadcom’s Symantec and Carbon Black Threat Hunter Team said the Lazarus Group used Medusa ransomware in a Middle East attack and attempted an unsuccessful strike against a U.S. healthcare organization.
-
SimonMed says 1.2 million patients impacted in January data breach
SimonMed Imaging said more than 1.2 million people were affected by a data breach that gave attackers access to its network from Jan. 21 to Feb. 5; Medusa ransomware claimed the theft and the company said it found no evidence of misuse as of Oct. 10.
-
Microsoft links Storm-1175 to zero-day exploitation of GoAnywhere MFT
Microsoft said the criminal group Storm-1175 exploited a zero-day in Fortra’s GoAnywhere MFT to gain remote code execution, deploy monitoring tools, steal data with Rclone and install Medusa ransomware, with activity observed as early as Sept. 11; CISA and other researchers have also reported active exploitation.
-
NASCAR Confirms Major Data Breach Linked to Medusa Ransomware Group
NASCAR has confirmed a significant data breach caused by the Medusa ransomware group, which is demanding a $4 million ransom. The stolen data includes sensitive personal information and operational documents. NASCAR is offering affected individuals credit monitoring and identity theft protection services.
-
Medusa Ransomware Targets NASCAR in Latest Cyberattack
The Medusa ransomware gang has targeted NASCAR in a significant cyber extortion attempt, demanding a $4 million ransom and threatening to release sensitive internal data. This attack adds NASCAR to a growing list of high-profile victims claimed by the group, as concerns rise over their aggressive tactics and the implications of such breaches.






