CSTI
    industryThe Ransomware and Commercial Era (2020-Present) Daily Briefing Landmark Event

    Ransomware Strikes RE/MAX; Critical Windows Server Flaw Uncovered

    Saturday, May 31, 2025

    On May 31, 2025, the cybersecurity landscape was rocked by the Medusa ransomware group's attack on RE/MAX, demanding a ransom of $200,000 to prevent the release of 150GB of sensitive data. While much of the data is public, concerns loom over potential identity theft and financial fraud linked to more sensitive information expected in the full release. This breach is emblematic of the increasing sophistication and audacity of ransomware attacks.

    In another significant development, Germany's Federal Office for Information Security (BSI) warned of a critical vulnerability in Windows Server 2025, dubbed “BadSuccessor.” This flaw allows unauthorized access to entire domains and has been assigned a critical severity rating of 9.9 by the BSI, despite Microsoft rating it as moderate. Organizations are urged to take immediate action, as no patch has been issued yet.

    Additionally, a misconfigured Azure storage bucket exposed over 1.6 million customer emails from Etsy and TikTok Shop, raising the risk of phishing attacks. The day also saw the Everest ransomware group exfiltrating 11.7GB of data from Jordan Kuwait Bank, demanding ransom by the end of today. These incidents underscore the ongoing challenges faced by cybersecurity professionals in defending against increasingly sophisticated threats.

    Sources

    ransomware data breach vulnerability RE/MAX Windows Server Etsy TikTok Shop