Ransomware as a Service

Subscribe to Ransomware as a Service via RSS

On March 12, 2025, a joint cybersecurity advisory was issued by the Cybersecurity and Infrastructure Security Agency, the Federal Bureau of Investigation, and the Multi-State Information Sharing and Analysis Center to advise companies about the tactics, techniques and procedures (TTPs), and indicators of compromise (IOCs) to protect themselves against Medusa ransomware.

According to the advisory:

Three recent events are prompting me to update our previous blog post on the difficult decision of whether to pay or not to pay ransomware following an attack [view related post].

The first event is the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) issued an advisory on October 1, 2020,