Procedure of the Medusa hackers. The main route of infection for Medusa ransomware is targeted phishing campaigns.

RansomHub's EDRKillShifter used in 2024 ransomware by Medusa, BianLian, and Play, revealing cross-gang tool sharing.

Not all EDR killers are malware. Talos incident responders came across one legitimate software tool called HRSword in a ...

ESET uncovers a link between RansomHub, Play, Medusa, and BianLian ransomware gangs as more groups adopt tools to disable EDR software.

ESET researchers discover new ties between affiliates of RansomHub and of rival gangs Medusa, BianLian, and Play.

Ransomware actors are increasingly abusing vulnerable drivers to craft tools known as "EDR killers," which can disrupt and ...

The FBI and other federal authorities are warning healthcare organizations to safeguard against a ransomware group targeting the industry. The Medusa ransomware-as-a-service variant has been used to ...

ESET researchers also examine the growing threat posed by tools that ransomware affiliates deploy in an attempt to disrupt EDR security solutions ...

A new cyber attack uses a driver called ABYSSWORKER to disable security software. The driver is part of a financially motivated campaign to distribute ...

The Federal Bureau of Investigation and the Cybersecurity and Infrastructure Security Agency have issued an urgent advisory concerning the Medusa ransomware, which has compromised over 300 ...

Donald Trump said on Air Force One he thinks a deal to sell TikTok from ByteDance will come to fruition before the April 5 ...