Microsoft links Medusa ransomware affiliate to zero-day attacks
9 Articles
Microsoft links Medusa ransomware affiliate to zero-day attacks
Microsoft says that Storm-1175, a China-based financially motivated cybercriminal group known for deploying Medusa ransomware payloads, has been deploying n-day and zero-day exploits in high-velocity attacks. [...]
On April 6, 2026, Microsoft released a blog post revealing Storm-1175's new typing capabilities. This Chinese-affiliated, financially motivated cyber-malware group is at the heart of the recent paralysis of sensitive economic actors in the United States. Among its favourite weapons is the Medusa ransomware, which travels tirelessly in the cybercriminal ecosystem.
China-Linked Storm-1175 Exploits Zero-Days to Rapidly Deploy Medusa Ransomware
A China-based threat actor known for deploying Medusa ransomware has been linked to the weaponization of a combination of zero-day and N-day vulnerabilities to orchestrate "high-velocity" attacks and break into susceptible internet-facing systems. "The threat actor's high operational tempo and proficiency in identifying exposed perimeter assets have proven successful, with recent
Microsoft Warns Storm-1175 Exploiting Web-Facing Vulnerabilities to Deploy Medusa Ransomware
Microsoft is warning that a fast‑moving threat actor it tracks as Storm‑1175 is aggressively exploiting vulnerabilities in internet‑exposed systems to deliver Medusa ransomware in days and sometimes in under 24 hours. Storm‑1175 is a financially motivated group known for high‑velocity ransomware operations that weaponize recently disclosed, or “N‑day”, vulnerabilities in web‑facing services. The actor focuses […]
Microsoft says Medusa-linked Storm-1175 is speeding ransomware attacks
Microsoft has warned that Storm-1175, a cybercrime group linked to Medusa ransomware, is exploiting vulnerable web-facing systems in fast-moving attacks, at times moving from initial access to data theft and ransomware deployment within 24 hours. The company said the group has heavily targeted organizations in healthcare, education, professional services, and finance across Australia, the UK, and the US, showing how quickly ransomware affiliates…
Medusa ransomware group using zero-days to launch attacks within 24 hours of breach, Microsoft says - National Cyber Security Consulting
The Medusa ransomware operation is increasingly exploiting new vulnerabilities days before they are publicly disclosed, according to new research from Microsoft. Cybersecurity experts at Microsoft published an examination of activity from the group — which recently claimed responsibility for a devastating attack on the largest hospital in Mississippi and a county in northern New Jersey. […]
Coverage Details
Bias Distribution
- 100% of the sources are Center






