The FBI and the US Cybersecurity and Infrastructure Security Agency are warning against a deadly ransomware scheme known as Medusa. Launched in 2021, Medusa has been targeting victims through phishing campaigns since then.
To protect against this threat, officials recommend patching operating systems, software, and firmware, using multifactor authentication for email and VPN services, and employing long passwords. Frequent password changes can weaken security.
Medusa’s developers use a double extortion model, threatening to release stolen data unless a ransom is paid. The attackers create a public data-leak site showcasing victims alongside countdown timers to the release of information.
The Medusa actors have hit over 300 victims since February across various sectors, including healthcare, education, and technology.
Source: https://apnews.com/article/fbi-cisa-gmail-outlook-cyber-security-email-6ed749556967654ff41a629a230973e6