CISA issues warning over Medusa ransomware after 300 victims from critical sectors impacted
Briefly

CISA, in conjunction with the FBI and MS-ISAC, has issued an alert about the Medusa ransomware group, stating that over 300 organizations in critical sectors have been targeted since early 2025. Despite transitioning to an affiliate model, Medusa retains centralized control over ransom negotiations. Their activities surged in 2023, with significant attacks on entities like Toyota. New research indicates a notable rise in their attacks, primarily exploiting unpatched vulnerabilities in software applications, suggesting that vigilance and cybersecurity enhancements are necessary to combat this evolving threat.
CISA and FBI warn Medusa ransomware has hit over 300 US organizations, affecting critical sectors like education and healthcare, indicating a serious and growing threat.
Despite its affiliate model, the Medusa ransomware group maintains centralized control over key operations like ransom negotiations, showcasing their strong organizational structure.
Recent research by Symantec reveals a 42% increase in Medusa ransomware attacks from 2023 to 2024, emphasizing the need for enhanced cybersecurity measures among businesses.
The Medusa group primarily targets victims by exploiting unpatched vulnerabilities in applications, demonstrating a significant threat due to the reliance on outdated software.
Read at ITPro
[
|
]