Bill Toulas reports: A 36-year-old Yemeni national, who is believed to be the developer and primary operator of ‘Black Kingdom’ ransomware, has been indicted by the United States for conducting 1,500 attacks on Microsoft Exchange servers. The suspect, Rami Khaled Ahmed, is accused of deploying the Black Kingdom malware on roughly 1,500 computers in the United…
Category: Malware
Ukrainian National Extradited from Spain to Face Conspiracy to Use Ransomware Charge
A press release from the Department of Justice Defendant Allegedly Took Part in Global Ransomware Scheme Using “Nefilim” Ransomware Strain Thursday, May 1, 2025 Earlier today, in federal court in Brooklyn, a superseding indictment was unsealed charging Artem Stryzhak with conspiracy to commit fraud and related activity, including extortion, in connection with computers, for his…
Gov’t orders SKT to notify individual users whose data may have been breached
Korea JoongAng Daily reports: As customer complaints mount following a major hacking incident at SK Telecom, the government on Friday ordered the telecom giant to notify all users whose personal data may have been exposed and to provide immediate protection for vulnerable groups. The Personal Information Protection Commission (PIPC) convened an emergency meeting at 8…
Marks & Spencer breach linked to Scattered Spider ransomware attack
Lawrence Abrams reports that multiple sources inform them that the outages at UK retail giant Marks & Spencer are the result of a ransomware attack by the group known as “Scattered Spider.” Last Tuesday, M&S confirmed it suffered a cyberattack that caused widespread disruption, including to its contactless payment system and online ordering. Today, Sky News reported that the disruption continues,…
Russian-linked hackers appear to have launched a crippling cyberattack on Western New Mexico University
Joshua Bowling reports: For nearly two weeks, Western New Mexico University’s website and digital systems have been held hostage by what officials in internal emails have called the efforts of a “foreign hacking group.” The university has not publicly addressed the severity of the attack, but documentation obtained by Searchlight New Mexico indicates that an…
Oregon DEQ won’t say if ransomware group took employee data in cyberattack
Gosia Wozniacka of Oregon Live reports: The Oregon Department of Environmental Quality on Friday declined to confirm or deny reports that a well-known ransomware group stole employee files in a recent cyberattack at the agency. The department faced questions after several cybersecurity websites reported that ransomware group Rhysida is behind the cyberattack at the DEQ…