U.S. authorities have extradited a Yemeni national to face charges related to deploying the Black Kingdom ransomware, which targeted over 1,500 systems including hospitals and schools through the Microsoft ProxyLogon vulnerability. The ransomware attacks demanded payments in Bitcoin. Separately, a Ukrainian citizen linked to the Scattered Spider hacking group has also been extradited to the United States on multiple charges for ransomware cyberattacks affecting organizations in the U.S. and Europe. Meanwhile, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added vulnerabilities in the Yii Framework and Commvault Command Center to its Known Exploited Vulnerabilities catalog. The Commvault Command Center flaw allows attackers to execute code remotely. Additional cybersecurity concerns include Iranian hackers maintaining access to Middle East critical infrastructure via VPN flaws and malware, and the delivery of disk-wiping Linux malware through malicious Go modules in an advanced supply chain attack. The Rhysida ransomware gang has claimed responsibility for a hack of the Government of Peru. These developments highlight ongoing challenges in cybersecurity across multiple sectors and regions.
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 44: https://t.co/1Gs0Sp2ySe by Security Affairs #infosec #cybersecurity #technology #news
Rhysida Ransomware gang claims the hack of the Government of Peru: https://t.co/gkEFyM8ZH8 by Security Affairs #infosec #cybersecurity #technology #news
Malicious Go Modules Deliver Disk-Wiping Linux Malware in Advanced Supply Chain Attack: https://t.co/4SF2De0SGm by The Hacker News #infosec #cybersecurity #technology #news