Apr 07, 2026 • Rob Wright
Storm-1175 Deploys Medusa Ransomware at 'High Velocity'
Executive Summary
Microsoft has identified the financially motivated threat actor Storm-1175 deploying Medusa Ransomware at 'high velocity.' The group is characterized by its rapid exploitation of n-day and zero-day vulnerabilities to maximize campaign effectiveness. This approach enables swift initial access and lateral movement before organizations can patch or implement mitigations. Organizations should prioritize patch management for critical vulnerabilities, maintain offline backups, and deploy advanced endpoint detection to counter the speed-based attack methodology employed by this group.
Summary
Microsoft says the financially motivated cybercrime group has exploited n-day and zero-day vulnerabilities in campaigns predicated on speed.
Linked Entities
- Medusa Ransomware
- Storm-1175