RansomHub's EDRKillShifter used in 2024 ransomware by Medusa, BianLian, and Play, revealing cross-gang tool sharing.
Operators of the Medusa ransomware are engaging in old-fashioned bring-your-own-vulnerable-driver (BYOD) attacks, bypassing ...
The Medusa ransomware relies on a malicious Windows driver to disable the security tools running on the infected systems.
Federal authorities have issued a new warning about a dangerous ransomware scheme that is sweeping across the country. It ...
ESET uncovers a link between RansomHub, Play, Medusa, and BianLian ransomware gangs as more groups adopt tools to disable EDR software.
Ransomware actors are increasingly abusing vulnerable drivers to craft tools known as "EDR killers," which can disrupt and ...
A Medusa ransomware campaign is using a malicious driver to disrupt and even delete endpoint detection and response (EDR) ...
A Russian-speaking ransomware group has been deploying a malicious Windows PE driver that imitates a legitimate CrowdStrike ...
The FBI, CISA, and MS-ISAC have issued a joint cybersecurity advisory on the Medusa ransomware attacks impacting over 300 ...
Medusa ransomware uses ABYSSWORKER driver with stolen certificates to disable EDR and enable RDP access, risking data ...
MEDUSA WAS A GREEK PRIESTESS WHO HAD SNAKES FOR HAIR, SEEN HERE IN A MARBLE BUST. THIS RANSOMWARE WE’RE TALKING ABOUT NOW IS CALLED MEDUSA BECAUSE IT SNAKES ITS WAY THROUGH THE COMPUTER NETWORKS ...
ESET researchers discover new ties between affiliates of RansomHub and of rival gangs Medusa, BianLian, and Play.
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback