Author: WeWorldMedia-admin

#StopRansomware: Medusa Ransomware

Published: 11 March 2025
Categories: US-Computer Emergency Readiness Team

RSS feed source: US Computer Emergency Readiness Team

Summary

Note: This joint Cybersecurity Advisory is part of an ongoing #StopRansomware effort to publish advisories for network defenders detailing various ransomware variants and ransomware threat actors. These #StopRansomware advisories include recently and historically observed tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) to help organizations protect against ransomware. Visit stopransomware.gov to see all #StopRansomware advisories and to learn more about other ransomware threats and no-cost resources.

The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) are releasing this joint advisory to disseminate known Medusa ransomware TTPs and IOCs, identified through FBI investigations as recently as February 2025. 

Medusa is a ransomware-as-a-service (RaaS) variant first identified in June 2021. As of February 2025, Medusa developers and affiliates have impacted over 300 victims from a variety of critical infrastructure sectors with affected industries including medical, education, legal, insurance, technology, and manufacturing. The Medusa ransomware variant is unrelated to the MedusaLocker variant and the Medusa mobile malware variant per the FBI’s investigation.

FBI, CISA, and MS-ISAC encourage organizations to implement the recommendations in the Mitigations section of this advisory to reduce the likelihood and impact of Medusa ransomware incidents.

Download the PDF version of this report:

For a downloadable list of IOCs, see:

AA25-071A STIX XML (XML, 34.30 KB )

Click this link to continue reading the article on the source website.

Stolen Radiography Camera

Published: 7 March 2025
Categories: IAEA

RSS feed source: US Computer Emergency Readiness Team

Stolen Radiography Camera

Print View Posted on: 07 March 2025

Event Date: 27 February 2025 Event Type: Radiation Source Event Location: United States of America, Kernersville, North Carolina / IQS Inspections INES Rating: 2 (Provisional)

On 27 February 2025, a radiography camera containing 2.738 TBq (74 Ci) of Ir-192 was reported stolen from a licensee’s truck. On 26 February 2025, the radiographer stayed the night at a hotel in Kernersville, NC and discovered the next morning that the camera was missing. The radiographer had not followed approved procedures for securing the camera. They immediately notified North Carolina state authorities and local law enforcement. A search of the area was performed but the device could not be located. Hotel surveillance camera footage was reviewed but did not provide any useful information. North Carolina Department of Health and Human Services issued a press release (https://www.ncdhhs.gov/news/press-releases/2025/02/28/ncdhhs-issues-alert-missing-radioactive-material-triad-area) to warn the public of the potential danger of the device and to contact authorities if it is found or anyone has knowledge of its location. North Carolina state regulators and law enforcement investigations are ongoing. Based on activity, the source involved was Category 2.
NRC EN57574

Click this link to continue reading the article on the source website.

Radiactive Waste Facility Taken Over

Published: 3 March 2025
Categories: IAEA

RSS feed source: US Computer Emergency Readiness Team

Radiactive Waste Facility Taken Over

Print View Posted on: 03 March 2025

Event Date: 02 March 2025 Event Type: Radiation Source Event Location: Mexico, Temascalapa, Mexico State, Mexico INES Rating: 2 (Provisional)

On March the 2nd,2025 at approximately 6:30 AM (UTC-6), personnel from the municipality of Temascalapa forcibly took over the
Low and Medium Level Radioactive Waste Storage Center (CADER), evicting the personnel from the National Institute of Nuclear
Research (ININ), who were working at the facility and subsequently placing seals of closure at the entrances.
The video surveillance and environmental radiation monitoring systems that CADER has were disabled and there is no way to
know the current status inside the Center.
Negotiations are being carried out between personnel from the government of the State of Mexico and the Municipality of
Temascalapa, without reaching agreements so far.
In addition to the radioactive material and depleted uranium that are being kept in the facility, work tools from a foreign company
were also retained inside it.
Currently, Federal Authorities are working to regain control of the facility.
The source term of the facility is estimated at approximately 1,041.55 TBq of Co-60 and its surface area is 16.2 HA

Click this link to continue reading the article on the source website.