Medusa ransomware, a ransomware-as-a-service first seen in 2021, targets Windows systems mainly through phishing and exploiting unpatched vulnerabilities, causing significant disruption across multiple sectors. This article explains how to detect and respond to Medusa ransomware using Wazuh's monitoring, detection rules, and YARA integration for proactive removal. #Medusa #Wazuh #YARA…
Search Results for: medusa

The FBI and CISA have issued an advisory regarding the Medusa ransomware group, which has been increasingly active in 2025. The group has moved well

The article discusses the tools and tactics utilized by the Medusa ransomware group, Spearwing. It highlights various software and methods employed for data exfiltration, credential
AttackIQ has released a new attack graph that emulates the behaviors exhibited by Medusa ransomware since the beginning of its activities in June 2021. Medusa is predominantly propagated through the exploitation of vulnerable services, such as public-facing assets or applications with known unpatched vulnerabilities, and the hijacking of legitimate accounts, often…
Short Summary: Medusa is a ransomware group that emerged in 2023, known for its unique presence on both the surface and dark web. By 2024,
Key Points: In June 2024, ReliaQuest responded to detections from an endpoint detection and response (EDR) tool signaling the beginning of a ransomware attack by
Key Points: In May 2024, the Cleafy Threat Intelligence team tracked new fraud campaigns involving the Medusa (TangleBot) banking trojan, which had been under the
This blog investigates Medusa ransomware, a Ransomware-as-a-Service (RaaS) variant that is known to use living off the land techniques to infect target networks and move
Overview: The SonicWall Capture Labs threat research team has been tracking ransomware that has gained recent notoriety known as Medusa. Medusa surfaced as a Ransomware-as-a-Service (RaaS) platform in late 2022. The group behind Medusa predominantly […]
On Christmas Eve, Resecurity’s HUNTER (HUMINT) spotted the author of perspective password stealer Meduza has released a new version (2.2). This product has already generated
Unveiling the Dark Side: A Deep Dive into Active Ransomware Families Author: Molly Dewis Intro Our technical experts have written a blog series focused on
Our recent research has highlighted the presence of the MedusaLocker ransomware, which first surfaced in mid-2019. Its primary targets are the Hospital and Healthcare industries. MedusaLocker employs AES and RSA encryption techniques to encrypt victims’ data. Technical analysis At the start, it performs a check for the presence of a Mutex. If the Mutex does […]
The post MedusaLocker Ransomware: An In-Depth Technical Analysis and Prevention Strategies appeared first on Blogs on Information Technology, Network & Cybersecurity | Seqrite.