CISA Alert AA22-181A – #StopRansomware: MedusaLocker.
CISA, the FBI, the Department of the Treasury, and the Financial Crimes Enforcement Network are releasing this alert to provide information on MedusaLocker ransomware. Observed as recently as May 2022, MedusaLocker actors predominantly rely on vulnerabilities in Remote Desktop Protocol to access victims’ networks.
AA22-181A Alert, Technical Details, and Mitigations
CISA No-cost Ransomware Services
All organizations should report incidents and anomalous activity to CISA’s 24/7 Operations Center at email@example.com or (888) 282-0870 and to the FBI via your local FBI field office or the FBI’s 24/7 CyWatch at (855) 292-3937 or CyWatch@fbi.gov.