
IT Security Newsletter - 5/8/2025

Breaches

PowerSchool customers hit by downstream extortion threats

Five months after education software vendor PowerSchool paid an unnamed threat actor a ransom in exchange for the deletion of sensitive stolen data, some of the company's customers are now receiving extortion demands. A threat actor, who may or may not be the same criminal group behind the attack, has contacted four school district customers of PowerSchool in the past few days, CyberScoop has learned, threatening to leak data if they don't pay. READ MORE...


VC giant Insight Partners confirms investor data stolen in breach

Venture capital firm Insight Partners has confirmed that sensitive data for employees and limited partners was stolen in a January 2025 cyberattack. Insight Partners is a prominent global venture capital and private equity firm specializing in high-growth technology, software, and internet companies, managing over $90 billion in regulatory assets. The company has significant investments in more than 800 companies worldwide, including Twitter, HelloFresh, and Veeam Software. READ MORE...

Hacking

NCSC warns of IT helpdesk impersonation trick being used by ransomware gangs after UK retailers attacked

The warning comes in the wake of high-profile ransomware attacks against Marks & Spencer and Co-op which are estimated to have cost the companies millions of pounds already due to disruption to services and lost sales. The NCSC says that it has "insights into the three attacks" but that it was "not yet in a position to say if these attacks are linked" or part of a concerted campaign. The attackers gained access to corporate victims' internal systems by exploiting employees' legitimate accounts. READ MORE...


'Lemon Sandstorm' Underscores Risks to Middle East Infrastructure

An Iran state-backed threat group targeted a critical national infrastructure (CNI) provider in a rival Middle Eastern nation and spread malicious software deep into its network over the past two years but ultimately failed to compromise its desired target: the operational technology (OT) network. The compromise started at least two years ago, according to a May 1 report published by cybersecurity firm Fortinet. READ MORE...

Trends

AI Agents Fail in Novel Ways, Put Businesses at Risk

Companies rushing to deploy poorly understood AI agents with the capability to take actions inside their corporate environment may wonder what could go wrong. Turns out quite a bit. At least 10 new broad classes of failures exist for agents powered by artificial intelligence (AI) and deployed by companies - failures that could compromise the safety or security of the AI application or environment. READ MORE...

Software Updates

Cisco Patches 35 Vulnerabilities Across Several Products

Cisco on Wednesday announced patches for 35 vulnerabilities, including 26 as part of its semiannual IOS and IOS XE security advisory bundle publication. The IOS updates fix one critical-severity and 16 high-severity bugs. The critical issue, tracked as CVE-2025-20188 (CVSS score of 10/10), is described as an arbitrary file upload flaw in the Out-of-Band Access Point (AP) image download feature of IOS XE software. READ MORE...

Malware

Google links new LostKeys data theft malware to Russian cyberspies

Since the start of the year, the Russian state-backed ColdRiver hacking group has been using new LostKeys malware to steal files in espionage attacks targeting Western governments, journalists, think tanks, and non-governmental organizations. In December, the United Kingdom and Five Eyes allies linked ColdRiver to Russia's Federal Security Service (FSB), the country's counterintelligence and internal security service. READ MORE...

Information Security

Passwords in the age of AI: We need to find alternatives

For decades, passwords have been our default method for keeping online accounts safe. But in the age of artificial intelligence, this traditional security method is facing challenges it was never built to withstand. A team at Cybernews conducted a study of over 19 billion newly exposed passwords which showed we're looking at a "widespread epidemic of weak password reuse." It shows that despite years of trying to educate users, we have hardly made any progress. READ MORE...

Exploits/Vulnerabilities

Dozens of SysAid Instances Vulnerable to Remote Hacking

Updates released recently by SysAid for its IT service management (ITSM) software patch vulnerabilities that can be chained for unauthenticated remote command execution. Details of the vulnerabilities were disclosed on Wednesday by security firm WatchTowr. The company's researchers discovered several XXE vulnerabilities that could be exploited by unauthenticated attackers using specially crafted requests. READ MORE...


WhatsApp provides no cryptographic management for group messages

The world has been abuzz for weeks now about the inclusion of a journalist in a group message of senior White House officials discussing plans for a military strike. In that case, the breach was the result of then-National Security Advisor Mike Waltz accidentally adding The Atlantic Editor-in-Chief Jeffrey Goldberg to the group chat and no one else in the chat noticing. But what if someone controlling or hacking a messenger platform could do the same thing? READ MORE...

On This Date

  • ...in 1886, pharmacist John Pemberton first sells his new patent medicine, a drink he calls "Coca-Cola".
  • ...in 1911, legendary blues guitarist Robert Johnson ("Sweet Home Chicago", "Cross Road Blues") is born in Hazlehurst, MS.
  • ...in 1914, Paramount Pictures is founded. The stars in the famous mountain logo represent the first 22 performers signed by the studio.
  • ...in 1945, the Allies celebrate VE day, after the unconditional surrender of the European Axis powers.