CyberSecurityBoard
Sponsor Register Login

Medusa ransomware exploit targets Fortra GoAnywhere flaw

A new ransomware strain named Medusa is actively exploiting a critical vulnerability in Fortra's GoAnywhere managed file transfer software. This flaw allows attackers to execute arbitrary code remotely, leading to potential ransomware deployment and data encryption on affected systems. Organizations using GoAnywhere are urged to apply the latest security patches immediately to mitigate this threat. The Medusa ransomware campaign highlights the increasing trend of threat actors targeting enterprise file transfer solutions to gain initial access and deploy ransomware payloads. Security teams should enhance monitoring for suspicious activity related to GoAnywhere and implement robust backup and recovery strategies to minimize impact. This incident underscores the importance of timely patch management and proactive threat intelligence in defending against ransomware attacks exploiting software vulnerabilities.

This Cyber News was published on www.darkreading.com. Publication date: Tue, 07 Oct 2025 17:40:06 +0000


Cyber News related to Medusa ransomware exploit targets Fortra GoAnywhere flaw

Medusa Ransomware Turning Your Files into Stone - Unit 42 Threat Intelligence analysts have noticed an escalation in Medusa ransomware activities and a shift in tactics toward extortion, characterized by the introduction in early 2023 of their dedicated leak site called the Medusa Blog. The Unit 42 ...
1 year ago Unit42.paloaltonetworks.com Medusa
10 Best Ransomware Protection Tools - 2025 - It protects devices from ransomware and other cyber threats using advanced threat intelligence, behavioral analysis, and cloud-based technology. It monitors and prevents ransomware assaults on personal files and automatically restores encrypted ...
7 months ago Cybersecuritynews.com
10 Best Ransomware File Decryptor Tools in 2025 - Kaspersky Rakhni Decryptor contains different decryption tools based on various versions of Rakhni ransomware and helps you decrypt encrypted files on your system. PyLocky Ransomware Decryption Tool is a free and open source developed and released by ...
6 months ago Cybersecuritynews.com
Exploit released for Fortra GoAnywhere MFT auth bypass bug - Exploit code is now available for a critical authentication bypass vulnerability in Fortra's GoAnywhere MFT software that allows attackers to create new admin users on unpatched instances via the administration portal. GoAnywhere MFT is a web-based ...
1 year ago Bleepingcomputer.com CVE-2024-0204
Medusa Ransomware Attacks Grown By 42% With New Tools & Techniques - Following the pattern of most modern ransomware operators, Spearwing and its affiliates implement double extortion attacks, first stealing victims’ data before encrypting networks to increase pressure on victims to pay ransoms. In almost all ...
6 months ago Cybersecuritynews.com LockBit Medusa
300 Strikes: Fort Worth's Battle Against the Medusa Gang - In the wake of a cyberattack on Tarrant County Appraisal District in March, the Medusa ransomware gang has claimed responsibility for the hack and has threatened the public with the threat of leaking 218 GB of the stolen data unless the ransom of ...
1 year ago Cysecurity.news Medusa
Medusa Ransomware Unleashes New Tactics: Data Sale, Time Extension, and AI Threats - In the ever-evolving landscape of cyber threats, Medusa Ransomware has taken a bold step by launching a dedicated blog to publish victim details, offering a chilling one-click data sale for $10,000. This notorious group, distinct from Medusa Locker ...
1 year ago Cybersecurity-insiders.com Medusa
Medusa ransomware exploit targets Fortra GoAnywhere flaw - A new ransomware strain named Medusa is actively exploiting a critical vulnerability in Fortra's GoAnywhere managed file transfer software. This flaw allows attackers to execute arbitrary code remotely, leading to potential ransomware deployment and ...
16 hours ago Darkreading.com CVE-2023-0669
10 of the biggest zero-day attacks of 2023 - Here are 10 of the biggest zero-day attacks of 2023 in chronological order. Zero-day attacks started strong in 2023 with CVE-2023-0669, a pre-authentication command injection vulnerability in Fortra's GoAnywhere managed file transfer product. ...
1 year ago Techtarget.com CVE-2023-0669 CVE-2023-34362 CVE-2023-36884 CVE-2023-4863 CVE-2023-41992 CVE-2023-41991 CVE-2023-41993 CVE-2023-22515
Fortra's GoAnywhere MFT Software Faces Exploitation, No Evidence of Active Exploitation Detected - Reports on the exploitation of Fortra's GoAnywhere MFT file transfer software raised concerns due to the potential development of exploit code from a publicly released Proof of Concept. As of Thursday afternoon, there was no evidence of active ...
1 year ago Cysecurity.news CVE-2024-0204 LockBit
CISA: Medusa ransomware hit over 300 critical infrastructure orgs - Last month, CISA and the FBI issued another joint alert warning that victims from multiple industry sectors across over 70 countries, including critical infrastructure, have been breached in Ghost ransomware attacks. "As of February 2025, ...
6 months ago Bleepingcomputer.com Medusa
The Top 10 Ransomware Groups of 2023 - This article takes an in-depth look at the rise in ransomware attacks over the past year and the criminal groups driving the surge in cyber extortion. LockBit has established itself as one of the most notorious ransomware operations since emerging on ...
1 year ago Securityboulevard.com TA505 8base LockBit BianLian Medusa Noescape Black Basta
Medusa Ransomware Hacked 300+ Organizations Worldwide from Variety of Critical Infrastructure - In a particularly concerning development, FBI investigations uncovered instances where victims who paid the initial ransom were subsequently contacted by different Medusa actors claiming the first negotiator had stolen the payment, demanding an ...
6 months ago Cybersecuritynews.com Medusa
Alert for GoAnywhere MFT Users Potential ZeroDay Vulnerability Detected - Users of the GoAnywhere secure managed file transfer software have been warned about a potential security risk. This software, created by Fortra (formerly known as HelpSystems), is designed to help organizations securely exchange data with their ...
2 years ago Securityweek.com
Exploit for critical Fortra FileCatalyst Workflow SQLi flaw released - The Fortra FileCatalyst Workflow is vulnerable to an SQL injection vulnerability that could allow remote unauthenticated attackers to create rogue admin users and manipulate data on the application database. FileCatalyst Workflow is a web-based file ...
1 year ago Bleepingcomputer.com CVE-2024-5276 CVE-2023-0669
Dozens of countries will pledge to stop paying ransomware gangs - An alliance of 40 countries will sign a pledge during the third annual International Counter-Ransomware Initiative summit in Washington, D.C., to stop paying ransoms demanded by cybercriminal groups. Addressing reporters on Monday, Anne Neuberger, ...
1 year ago Bleepingcomputer.com
Fortra Releases Critical Patch for CVSS 10.0 Vulnerability in GoAnywhere MFT - Fortra has released a critical security patch addressing a CVSS 10.0 vulnerability in its GoAnywhere Managed File Transfer (MFT) software. This vulnerability poses a severe risk as it allows remote code execution, potentially enabling attackers to ...
2 weeks ago Thehackernews.com CVE-2025-12345
Hive Ransomware: A Detailed Analysis - This past week, on January 26th, to be exact, the FBI successfully shut down the Hive ransomware group and saved victims over a hundred million dollars in ransom payments and remediation costs. As ransomware continues to be a national security threat ...
2 years ago Heimdalsecurity.com LockBit
Microsoft warns of critical GoAnywhere bug exploited in ransomware attacks - Microsoft has issued a critical security warning regarding a vulnerability in the GoAnywhere managed file transfer (MFT) software, which is actively being exploited by ransomware attackers. The flaw, identified as CVE-2023-0669, allows threat actors ...
1 day ago Bleepingcomputer.com CVE-2023-0669
Fortra GoAnywhere 0-Day Vulnerability Exploited in the Wild - A critical zero-day vulnerability has been discovered in Fortra's GoAnywhere MFT (Managed File Transfer) software, actively exploited by threat actors. This flaw allows unauthenticated attackers to execute arbitrary code remotely, posing significant ...
1 week ago Cybersecuritynews.com CVE-2023-34362
PoC exploit for critical Fortra FileCatalyst MFT vulnerability released - Proof-of-concept exploit code for a critical RCE vulnerability in Fortra FileCatalyst MFT solution has been published. Fortra FileCatalyst is an enterprise managed file transfer software solution that includes several components: FileCatalyst Direct, ...
1 year ago Helpnetsecurity.com CVE-2024-25153
Ransomware trends and recovery strategies companies should know - Ransomware attacks can have severe consequences, causing financial losses, reputational damage, and operational disruptions. The methods used to deliver ransomware vary, including phishing emails, malicious websites, and exploiting vulnerabilities in ...
1 year ago Helpnetsecurity.com
Ransomware Roundup - The Ransomware Roundup report aims to provide readers with brief insights into the evolving ransomware landscape and the Fortinet solutions that protect against those variants. This edition of the Ransomware Roundup covers the 8base ransomware. 8base ...
1 year ago Feeds.fortinet.com 8base
Toyota confirms breach after Medusa ransomware threatens to leak data - Toyota Financial Services has confirmed that it detected unauthorized access on some of its systems in Europe and Africa after Medusa ransomware claimed an attack on the company. Toyota Financial Services, a subsidiary of Toyota Motor Corporation, is ...
1 year ago Bleepingcomputer.com LockBit Rhysida Medusa
Revealing a Way to Take Advantage of a Newly Discovered Security Flaw in GoAnywhere MFT - A security researcher has released proof-of-concept exploit code that can be used to perform unauthenticated remote code execution on vulnerable GoAnywhere MFT servers. GoAnywhere MFT is a web-based and managed file transfer tool designed to help ...
2 years ago Bleepingcomputer.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)