Search Results for: medusa
This blog investigates Medusa ransomware, a Ransomware-as-a-Service (RaaS) variant that is known to use living off the land techniques to infect target networks and move towards its ultimate goals, data …
Overview
The SonicWall Capture Labs threat research team has been tracking ransomware that has gained recent notoriety known as Medusa. Medusa surfaced as a Ransomware-as-a-Service (RaaS) platform in late 2022. …
On Christmas Eve, Resecurity’s HUNTER (HUMINT) spotted the author of perspective password stealer Meduza has released a new version (2.2). This product has already generated significant interest in Dark Web …
Our technical experts have written a blog series focused on Tactics, Techniques and Procedures (TTP’s) …
Estimated reading time: 5 minutes
Our recent research has highlighted the presence of the MedusaLocker ransomware, which first surfaced in mid-2019. Its primary targets are the Hospital and Healthcare industries. …
Our recent research has highlighted the presence of the MedusaLocker ransomware, which first surfaced in mid-2019. Its primary targets are the Hospital and Healthcare industries. MedusaLocker employs AES and RSA …
In ancient Greek mythology, Medusa stands as one of the most iconic and feared figures. With a head full of venomous snakes in place of hair, she had the power …
MedusaLocker ransomware has been active since September 2019. MedusaLocker actors typically gain access to victims’ networks by exploiting vulnerabilities in Remote Desktop Protocol (RDP).
Once Threat Actors (TAs) gain access …
ASEC (AhnLab Security Emergency response Center) has recently discovered the active distribution of the GlobeImposter ransomware. This attack is being carried out by the threat actors behind MedusaLocker. While the …
Since 2016, Mirai has been an active botnet that targets networking devices running Linux with vulnerabilities. The botnet takes advantage …
In the face of increasingly vigilant security teams and adept defense tools, attackers are continually looking for new ways to circumvent network security …
Written by: Michelle Cantos, Jamie Collier
Executive Summary Mandiant assesses with high confidence that the Paris Olympics faces an elevated risk of cyber threat activity, including cyber espionage, disruptive and…
Politically-motivated hacktivist groups are increasingly utilizing ransomware payloads both to disrupt targets and draw attention to their political causes. Notable among these hacktivist groups is Ikaruz Red Team, a threat …
Summary: This content discusses a path traversal-affiliated vulnerability pattern found in multiple popular Android applications, which could lead to arbitrary code execution and token theft.
Threat Actor: Microsoft | Microsoft …
This article will focus on the newly released BunnyLoader 3.0, as well as historically observed BunnyLoader infrastructure and an overview of its capabilities. BunnyLoader is dynamically developing malware …
This post is also available in: 日本語 (Japanese)
Executive SummaryThe ransomware landscape experienced significant transformations and challenges in 2023. The year saw a 49% increase in victims reported by …
The next Olympic Games hosted in Paris will take place from 26 July to 11 August 2024, while the Paralympic Games will be carried out from …
Resecurity has identified an alarming rise in ransomware operators targeting the energy sector, including nuclear facilities and related research entities. Over the last year, ransomware attackers have targeted energy installations …
The LostTrust ransomware operation is a new multi-extortion threat that emerged in September 2023. Our analysis of LostTrust malware payloads indicates that the family is an evolution of SFile and …
This post is also available in: 日本語 (Japanese)
Executive SummaryTurla (aka Pensive Ursa, Uroburos, Snake) is a Russian-based threat group operating since at least 2004, which is linked to …
Recently, AhnLab Security Emergency response Center (ASEC) has identified that the Hakuna Matata ransomware is being used to attack Korean companies. Hakuna Matata is a ransomware that has been developed …
Meduza Stealer … Yes, you read it right, I did not misspelled it, is a new stealer that appeared on Russian-speaking forums at the beginning of June 2023. …
Over the past several months, Sophos X-Ops has investigated multiple incidents where attackers attempted to disable EDR clients with a new defense evasion tool we’ve dubbed AuKill. The AuKill tool …
By Securonix Threat Labs, Threat Research: D. Iuzvyk, T. Peck, O. Kolesnikov
TL;DRToday ransomware continues to gain traction and organizations are faced with a barrage of constantly evolving tactics. …