Q1 2026 has been defined by speed. Storm-1175, a financially motivated affiliate of the Medusa ransomware-as-a-service operation, has emerged as the quarter’s most aggressive threat to Australian businesses, weaponising newly disclosed vulnerabilities in internet-facing systems and moving from initial breach to full ransomware deployment in as little as 24 hours.
The group’s playbook is methodical and proven: exploit a public-facing application, create a local admin account, dump credentials from LSASS, raid Veeam backup databases, then push Medusa ransomware (Gaze.exe) network-wide via PDQ Deployer or Group Policy. Microsoft Threat Intelligence confirmed in April 2026 that Australian organisations are being actively targeted, with healthcare, education, professional services, and financial services bearing the brunt.
cyber-security
Excite Cyber Whitepaper – Data Loss Prevention (DLP) as an Enabler for Secure AI Adoption
AI has moved from experiment to operating model, but its real value—and risk—comes down to your data. With 75% of knowledge workers already using AI tools, often without IT oversight, shadow AI is driving a costly wave of breaches that organisations can’t afford to ignore. This whitepaper cuts through the anxiety to show how Microsoft Purview gives you the discovery, classification, and policy controls to make AI safe and productive, turning data security from a blocker into an AI enabler.
19 May 2026
