Procedure of the Medusa hackers. The main route of infection for Medusa ransomware is targeted phishing campaigns.
Operators of the Medusa ransomware are engaging in old-fashioned bring-your-own-vulnerable-driver (BYOVD) attacks, bypassing ...
The Medusa ransomware relies on a malicious Windows driver to disable the security tools running on the infected systems.
RansomHub's EDRKillShifter used in 2024 ransomware by Medusa, BianLian, and Play, revealing cross-gang tool sharing.
ESET uncovers a link between RansomHub, Play, Medusa, and BianLian ransomware gangs as more groups adopt tools to disable EDR software.
ESET researchers discover new ties between affiliates of RansomHub and of rival gangs Medusa, BianLian, and Play.
"Bring Your Own Vulnerable Driver" is a well-trod method hackers use to disable security tools and the Medusa ransomware operation has apparently taken to it ...
Ransomware actors are increasingly abusing vulnerable drivers to craft tools known as "EDR killers," which can disrupt and ...
The FBI and other federal authorities are warning healthcare organizations to safeguard against a ransomware group targeting the industry. The Medusa ransomware-as-a-service variant has been used to ...