Cybersecurity officials warn against potentially costly Medusa ransomware attacks
Source: AP
Updated 2:04 PM EDT, March 15, 2025
LOS ANGELES (AP) — The FBI and the U.S. Cybersecurity and Infrastructure Security Agency are warning against a dangerous ransomware scheme.
In an advisory posted earlier this week, government officials warned that a ransomware-as-a-service software called Medusa, which has launched ransomware attacks since 2021, has recently affected hundreds of people. Medusa uses phishing campaigns as its main method for stealing victims’ credentials, according to CISA.
To protect against the ransomware, officials recommended patching operating systems, software and firmware, in addition to using multifactor authentication for all services such as email and VPNs. Experts also recommended using long passwords, and warned against frequently recurring password changes because they can weaken security.
Medusa developers and affiliates — called “Medusa actors” — use a double extortion model, where they “encrypt victim data and threaten to publicly release exfiltrated data if a ransom is not paid,” the advisory said. Medusa operates a data-leak site that shows victims alongside countdowns to the release of information.
Read more: https://apnews.com/article/fbi-cisa-gmail-outlook-cyber-security-email-6ed749556967654ff41a629a230973e6
Link to CISA ALERT - CISA and Partners Release Cybersecurity Advisory on Medusa Ransomware
= new reply since forum marked as read
since nobody know what they are up to. DOGE will respond by firing more people in charge of cybersecurity. 
Response to BumRushDaShow (Original post)