<img src="https://secure.ruth8badb.com/159098.png" alt="" style="display:none;">

IT Security Newsletter - 5/5/2025

SHARE

Breaches

Kelly Benefits Data Breach Impact Grows to 400,000 Individuals

Benefits and payroll solutions firm Kelly & Associates Insurance Group (dba Kelly Benefits) has revealed that the impact of a recently disclosed data breach is significantly bigger than initially believed. Kelly Benefits provides benefits administration, broker, and payroll solutions in Maryland and surrounding states. The company revealed last month that it was targeted by hackers in December 2024. READ MORE...


Co-op confirms data theft after DragonForce ransomware claims attack

The Co-op cyberattack is far worse than initially reported, with the company now confirming that data was stolen for a significant number of current and past customers. "As a result of ongoing forensic investigations, we now know that the hackers were able to access and extract data from one of our systems," Co-op told BleepingComputer. "The accessed data included information relating to a significant number of our current and past members." READ MORE...

Hacking

Man Admits Hacking Disney and Leaking Data Disguised as Hacktivist

A 25-year-old man from California has pleaded guilty to hacking Disney systems and leaking data under the guise of a hacktivist collective, the Justice Department announced. According to the DoJ, Ryan Mitchell Kramer has pleaded guilty to accessing a computer and obtaining information, and threatening to damage a protected computer, as well as to two felony charges that each carry a prison sentence of up to five years. READ MORE...


Despite Arrests, Scattered Spider Continues High-Profile Hacking

The notorious Scattered Spider threat group continues to attack high-value targets despite landing on the receiving end of multiple global law enforcement operations. Scattered Spider gained notoriety in recent years with high-profile breaches and ransomware attacks against large enterprises, including Las Vegas casino and hotel giants Caesars Entertainment and MGM Resorts in 2023. First emerging in 2022, the group's members displayed a knack for social engineering schemes. READ MORE...

Malware

Ransomware spike exposes cracks in cloud security

90% of IT and security leaders said their organization experienced a cyberattack within the last year, according to a report by Rubrik. "Many organizations that move to the cloud assume their providers will handle security," said Joe Hladik, Head of Rubrik Zero Labs. "The persistence of ransomware attacks, coupled with the exploitation of hybrid cloud vulnerabilities, shows that threat actors are always one step ahead. READ MORE...

Information Security

Generative AI makes fraud fluent - from phishing lures to fake lovers

Spam messages predate the web itself, and generative AI has given it a fluency upgrade, churning out slick, localized scams and letting crooks hit regions and dialects they used to ignore. One of the red flags that traditionally identified spam, including phishing attempts, was poor spelling and syntax, but the use of generative AI has changed that by taking humans out of the loop. READ MORE...


Amazon, CrowdStrike, Google and Palo Alto Networks claim no change to threat intel sharing under Trump

Threat intelligence sharing is flowing between the private sector and federal government and remains unimpeded thus far by job losses and budget cuts across federal agencies that support the cyber mission, according to executives at major security firms. Top brass at Amazon, CrowdStrike, Google and Palo Alto Networks said there's been no change to interactions with the federal government since President Donald Trump was inaugurated earlier this year. READ MORE...

Exploits/Vulnerabilities

Magento supply chain attack compromises hundreds of e-stores

A supply chain attack involving 21 backdoored Magento extensions has compromised between 500 and 1,000 e-commerce stores, including one belonging to a $40 billion multinational. Sansec researchers who discovered the attack report that some extensions were backdoored as far back as 2019, but the malicious code was only activated in April 2025. "Multiple vendors were hacked in a coordinated supply chain attack, Sansec found 21 applications with the same backdoor," explains Sansec. READ MORE...

On This Date

  • ...in 1816, John Keats' first published poem, "O Solitude" , appears in The London Examiner.
  • ...in 1904, Cy Young throws a perfect game against the Philadelphia Athletics in Boston, MA.
  • ...in 1943, comedic actor Michael Palin from "Monty Python's Flying Circus" is born in Sheffield, England.
  • ...in 1961, Alan Shepard becomes the first American in space when his Freedom 7 craft achieves Earth orbit.