FBI Warns of Medusa Ransomware Surge
U.S. federal agencies issued an alert about a significant increase in Medusa ransomware attacks targeting services like Gmail, Outlook, and VPNs. Over 300 organizations worldwide have been affected, with attackers employing sophisticated double and triple-extortion tactics. Authorities are urging users to enhance security measures, particularly by enabling multi-factor authentication.
Read more on The Washington Post
Protecting your organization from ransomware like Medusa starts with securing employee communication and strengthening internal cyber hygiene.
- Enforce two-factor authentication on all email, VPN, and cloud-based accounts to reduce unauthorized access points.
- Train employees to recognize phishing attempts, especially lookalike email addresses and emotional manipulation tactics.
- Establish clear incident reporting protocols to ensure IT teams can act during critical early stages of an intrusion.
SSL.com’s S/MIME certificates help defend against phishing-based ransomware by enabling organizations to digitally sign and encrypt emails, ensuring recipients can verify the sender’s identity and content integrity.
Secure Employee Emails with Confidence
Record 1.5 Billion USD Crypto Heist Targets Bybit Exchange
Bybit cryptocurrency exchange experienced a record-breaking cyberattack, losing approximately $1.5 billion in digital assets. The attack has been attributed to North Korea’s Lazarus Group, who exploited vulnerabilities through a third-party vendor. This incident has raised significant concerns about the security of crypto exchanges and prompted calls for enhanced cybersecurity measures.
Read more on BBC
Preventing sophisticated crypto heists starts with securing access to critical systems and trusted third-party integrations.
- Require strong authentication measures for employees and partners accessing wallets, APIs, and financial tools.
- Vet and continuously monitor supplier systems with direct access to sensitive infrastructure.
- Implement least-privilege access controls and log all system interactions for audit and incident response.
SSL.com’s Client Authentication certificates protect an organization’s critical systems by verifying user identities beyond passwords, ensuring only trusted individuals can access high-value data. These certificates can also support secure SSO across internal systems.
Protect Wallets with Verified Access
Suspected Oracle Cloud Breach May Have Exposed Millions of Records
Security experts suspect a major breach in Oracle Cloud, despite the company’s denials. Hackers reportedly stole 6 million records, including encrypted credentials, affecting over 140,000 tenants. Experts urge immediate mitigation steps, including password resets and key rotations. The suspected breach could trigger serious compliance and cybersecurity risks.
Read more on Dark Reading
Responding quickly to credential exposure and potential breaches is key to minimizing damage and meeting compliance standards.
- Immediately reset all user and admin credentials across SSO, LDAP, and encrypted configuration files.
- Enforce multi-factor authentication (MFA) and monitor for suspicious activity, especially across cloud login systems.
- Audit and revoke inactive accounts, and rotate all cryptographic keys and secrets regularly.
Microsoft Patches Actively Exploited Windows Zero-Day
Microsoft’s April 2025 Patch Tuesday addressed CVE-2025-29824, an actively exploited zero-day vulnerability in the Windows Common Log File System (CLFS) Driver. This high-severity elevation of privilege flaw allows attackers to gain system-level access and has been leveraged in ransomware attacks globally. Due to confirmed exploitation, CISA added the vulnerability to its Known Exploited Vulnerabilities (KEV) catalog, mandating patching for federal agencies.
Read more on BleepingComputer
To address this active threat and improve resilience against similar exploits, prioritize the following:
- Deploy April 2025 Microsoft patches immediately to fix CVE-2025-29824.
- Update endpoint security to detect and block related malware threats.
- Implement robust PAM and review user account permissions regularly.
Google’s $32 Billion Acquisition of Cloud Security Firm Wiz
Google announced its acquisition of Israeli cybersecurity startup Wiz for $32 billion, marking its largest purchase to date. Wiz provides advanced cloud security solutions aimed at strengthening Google Cloud amid rapid expansion in cloud computing and AI services. The deal underscores the growing importance of cybersecurity but may face antitrust scrutiny due to Wiz’s existing partnerships with competitors.
Read more on TechCrunch
Major cloud acquisitions highlight the rising urgency of robust, scalable cybersecurity in multi-cloud environments.
- Regularly evaluate and strengthen cloud security posture as platforms consolidate and evolve.
- Prioritize identity verification, encryption, and certificate management to protect cross-cloud communications.
- Ensure vendor-agnostic security solutions that integrate easily across Google, AWS, Azure, and private infrastructure.
SSL.com Announcements
CA/Browser Forum (CABF) Developments & Reminders:
-
S/MIME Developments: Ballot SMC011 proposes allowing European Unique Identifiers (EUID) for EU/EEA organization validation.
-
Key deadlines approaching: CAA checking (mandatory since March 15), MPIC validation (May 15), and Legacy profile deprecation (July 15).
-
SSL/TLS Validity: The trend toward shorter certificate lifespans continues, reinforcing the importance of automation for certificate management.
Important Update: Changes to TLS Certificates at SSL.com
- Starting September 15, 2025, SSL.com will issue TLS server certificates without the Client Authentication EKU. This update aligns with Google Chrome’s Root Program Policy and ensures better compliance and clarity in certificate usage. Check out our guide to learn what actions you may need to take.
