RansomHub's EDRKillShifter used in 2024 ransomware by Medusa, BianLian, and Play, revealing cross-gang tool sharing.
ESET researchers also examine the growing threat posed by tools that ransomware affiliates deploy in an attempt to disrupt EDR security solutions ...
ESET uncovers a link between RansomHub, Play, Medusa, and BianLian ransomware gangs as more groups adopt tools to disable EDR software.
ESET researchers discover new ties between affiliates of RansomHub and of rival gangs Medusa, BianLian, and Play.
The FBI and other federal authorities are warning healthcare organizations to safeguard against a ransomware group targeting the industry. The Medusa ransomware-as-a-service variant has been used to ...
A Russian-speaking ransomware group has been deploying a malicious Windows PE driver that imitates a legitimate CrowdStrike ...
Researchers spot Medusa ransomware operators deploying smuol.sys This driver mimics a legitimate CrowdStrike Falcon driver ...
The Medusa ransomware relies on a malicious Windows driver to disable the security tools running on the infected systems.
Federal authorities have issued a new warning about a dangerous ransomware scheme that is sweeping across the country. It ...
The FBI is issuing an alert over an ongoing ransomware campaign known as "Medusa" that's hit hundreds of victims.
Medusa ransomware uses ABYSSWORKER driver with stolen certificates to disable EDR and enable RDP access, risking data ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback