Storm-1175 Group Launches Rapid Medusa Ransomware Attacks

Severity: High (Score: 63.9)

Sources: Hackread, Therecord.Media

Summary

Microsoft has identified a new cybercriminal group, Storm-1175, responsible for swift Medusa ransomware attacks targeting the healthcare and education sectors in the UK, US, and Australia. The group exploits zero-day vulnerabilities, allowing them to transition from initial access to data exfiltration and ransomware deployment within 24 hours. This alarming efficiency has raised significant concerns among cybersecurity experts. The attacks leverage security flaws that have not yet been disclosed, indicating a high level of sophistication in their methods. Microsoft has reported multiple incidents where organizations were compromised and held for ransom in a matter of hours. The exact number of affected organizations remains unspecified, but the scope of impact is considerable given the critical nature of the targeted sectors. As of now, there are no known patches or mitigations available for the vulnerabilities being exploited. The situation is ongoing, with Microsoft urging organizations to bolster their defenses against potential breaches.

Key Points

  • Storm-1175 is executing high-speed Medusa ransomware attacks within 24 hours of breach.
  • Healthcare and education sectors in the UK, US, and Australia are primary targets.
  • Microsoft warns of zero-day vulnerabilities being exploited without prior disclosure.

Key Entities

  • Ransomware (attack_type)
  • Australia (country)
  • Education (company)
  • Healthcare (industry)
  • Medusa (ransomware_group)