RansomHub's EDRKillShifter used in 2024 ransomware by Medusa, BianLian, and Play, revealing cross-gang tool sharing.
The Medusa ransomware relies on a malicious Windows driver to disable the security tools running on the infected systems.
Medusa ransomware uses ABYSSWORKER driver with stolen certificates to disable EDR and enable RDP access, risking data ...
Federal authorities have issued a new warning about a dangerous ransomware scheme that is sweeping across the country. It ...
ESET uncovers a link between RansomHub, Play, Medusa, and BianLian ransomware gangs as more groups adopt tools to disable EDR software.
A Medusa ransomware campaign is using a malicious driver to disrupt and even delete endpoint detection and response (EDR) ...
The FBI, CISA, and MS-ISAC have issued a joint cybersecurity advisory on the Medusa ransomware attacks impacting over 300 ...
Researchers spot Medusa ransomware operators deploying smuol.sys This driver mimics a legitimate CrowdStrike Falcon driver ...
Ransomware actors are increasingly abusing vulnerable drivers to craft tools known as "EDR killers," which can disrupt and ...
ROACH EXPLAINS WHAT YOU NEED TO KNOW. SO, FOLKS, LET’S START WITH A LITTLE REFRESHER COURSE ON GREEK MYTHOLOGY, BECAUSE IT IS RELEVANT HERE. MEDUSA WAS A GREEK PRIESTESS WHO HAD SNAKES FOR HAIR ...
ESET researchers discover new ties between affiliates of RansomHub and of rival gangs Medusa, BianLian, and Play.
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback