All news with #medusalocker tag

MedusaLocker RaaS Recruits Penetration Testers Globally

🔒 MedusaLocker, a ransomware-as-a-service (RaaS) group active since 2019, has posted a dark web job advert openly recruiting penetration testers and insiders who already have direct access to corporate networks. The advert explicitly instructs applicants not to apply unless they possess network access, signalling a preference for initial access brokers and company insiders. CISA previously linked MedusaLocker to exploitation of RDP vulnerabilities, and the group’s tactic highlights the blurred line between legitimate pentesting and criminal activity. Organisations should prioritise layered defenses, authorised penetration testing, and strict controls over remote access and privileged accounts.