SSL.com

March 2025 Cybersecurity Roundup

SSL Support Team

FBI Warns of Medusa Ransomware Surge

U.S. federal agencies issued an alert about a significant increase in Medusa ransomware attacks targeting services like Gmail, Outlook, and VPNs. Over 300 organizations worldwide have been affected, with attackers employing sophisticated double and triple-extortion tactics. Authorities are urging users to enhance security measures, particularly by enabling multi-factor authentication.  Read more on The Washington Post 
SSL.com Actionable Insights

Protecting your organization from ransomware like Medusa starts with securing employee communication and strengthening internal cyber hygiene. 

  • Enforce two-factor authentication on all email, VPN, and cloud-based accounts to reduce unauthorized access points. 
  • Train employees to recognize phishing attempts, especially lookalike email addresses and emotional manipulation tactics. 
  • Establish clear incident reporting protocols to ensure IT teams can act during critical early stages of an intrusion. 

SSL.com’s S/MIME certificates help defend against phishing-based ransomware by enabling organizations to digitally sign and encrypt emails, ensuring recipients can verify the sender’s identity and content integrity. 

Secure Employee Emails with Confidence  

Enable S/MIME Today

Record 1.5 Billion USD Crypto Heist Targets Bybit Exchange 

Bybit cryptocurrency exchange experienced a record-breaking cyberattack, losing approximately $1.5 billion in digital assets. The attack has been attributed to North Korea’s Lazarus Group, who exploited vulnerabilities through a third-party vendor. This incident has raised significant concerns about the security of crypto exchanges and prompted calls for enhanced cybersecurity measures.  Read more on BBC 
SSL.com Actionable Insights

Preventing sophisticated crypto heists starts with securing access to critical systems and trusted third-party integrations. 

  • Require strong authentication measures for employees and partners accessing wallets, APIs, and financial tools. 
  • Vet and continuously monitor supplier systems with direct access to sensitive infrastructure. 
  • Implement least-privilege access controls and log all system interactions for audit and incident response. 

SSL.com’s Client Authentication certificates protect an organization’s critical systems by verifying user identities beyond passwords, ensuring only trusted individuals can access high-value data. These certificates can also support secure SSO across internal systems. 

Protect Wallets with Verified Access   

Enable ClientAuth Now

Suspected Oracle Cloud Breach May Have Exposed Millions of Records  

Security experts suspect a major breach in Oracle Cloud, despite the company’s denials. Hackers reportedly stole 6 million records, including encrypted credentials, affecting over 140,000 tenants. Experts urge immediate mitigation steps, including password resets and key rotations. The suspected breach could trigger serious compliance and cybersecurity risks.  Read more on Dark Reading 
SSL.com Actionable Insights

Responding quickly to credential exposure and potential breaches is key to minimizing damage and meeting compliance standards. 

  • Immediately reset all user and admin credentials across SSO, LDAP, and encrypted configuration files. 
  • Enforce multi-factor authentication (MFA) and monitor for suspicious activity, especially across cloud login systems. 
  • Audit and revoke inactive accounts, and rotate all cryptographic keys and secrets regularly.

Microsoft Patches Actively Exploited Windows Zero-Day 

Microsoft’s April 2025 Patch Tuesday addressed CVE-2025-29824, an actively exploited zero-day vulnerability in the Windows Common Log File System (CLFS) Driver. This high-severity elevation of privilege flaw allows attackers to gain system-level access and has been leveraged in ransomware attacks globally. Due to confirmed exploitation, CISA added the vulnerability to its Known Exploited Vulnerabilities (KEV) catalog, mandating patching for federal agencies.  Read more on BleepingComputer 
SSL.com Actionable Insights

To address this active threat and improve resilience against similar exploits, prioritize the following: 

  • Deploy April 2025 Microsoft patches immediately to fix CVE-2025-29824. 
  • Update endpoint security to detect and block related malware threats. 
  • Implement robust PAM and review user account permissions regularly.

Google’s $32 Billion Acquisition of Cloud Security Firm Wiz 

Google announced its acquisition of Israeli cybersecurity startup Wiz for $32 billion, marking its largest purchase to date. Wiz provides advanced cloud security solutions aimed at strengthening Google Cloud amid rapid expansion in cloud computing and AI services. The deal underscores the growing importance of cybersecurity but may face antitrust scrutiny due to Wiz’s existing partnerships with competitors.  Read more on TechCrunch 
SSL.com Actionable Insights

Major cloud acquisitions highlight the rising urgency of robust, scalable cybersecurity in multi-cloud environments. 

  • Regularly evaluate and strengthen cloud security posture as platforms consolidate and evolve. 
  • Prioritize identity verification, encryption, and certificate management to protect cross-cloud communications. 
  • Ensure vendor-agnostic security solutions that integrate easily across Google, AWS, Azure, and private infrastructure.

SSL.com Announcements

CA/Browser Forum (CABF) Developments & Reminders: 

Important Update: Changes to TLS Certificates at SSL.com 

Was this article helpful?

Yes
No
Thanks for your feedback!
Exit mobile version