Cybersecurity by Buzz My Biz

In late February 2025, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued a critical alert regarding a ransomware attack targeting Trimble Cityworks, an asset management platform widely used by local governments and infrastructure organizations across the United States. The attack, detailed in a report by Cyber Security Hub, exploits vulnerabilities in Cityworks’ systems, enabling attackers to encrypt critical data and disrupt municipal operations. This incident, discovered in early 2025, has raised concerns about the security of software integral to managing public infrastructure, from utilities to public works.Buzz My Biz provides a unified cybersecurity platform ideal for business, education, healthcare, and local governments. Give us a call at (678) 389-9289 or schedule a meeting today .

On July 25, 2025, the city of St. Paul, Minnesota, faced a digital onslaught that brought its municipal systems to a standstill. What began as "suspicious activity" detected on the city's internal networks quickly escalated into a confirmed cyberattack, described by Mayor Melvin Carter as a "deliberate, coordinated digital attack" orchestrated by a sophisticated external actor. The breach targeted critical infrastructure, forcing the city to shut down its IT systems, including Wi-Fi in public buildings and online payment services. This unprecedented disruption prompted a state of emergency, as St. Paul grappled with the immediate fallout of an attack that has left residents and officials scrambling to restore normalcy.Buzz My Biz provides a unified cybersecurity platform ideal for business, education, healthcare, and local governments. Give us a call at (678) 389-9289 or schedule a meeting today .

A new ransomware strain, dubbed Gunra, has surfaced as a significant threat to Windows systems, with attacks detected as early as July 2025. This sophisticated malware, identified by security researchers at Palo Alto Networks’ Unit 42, targets both individual and enterprise Windows environments, encrypting critical files and demanding cryptocurrency ransoms. Unlike typical ransomware, Gunra employs advanced obfuscation techniques and targets system vulnerabilities, making it a formidable challenge for cybersecurity defenses. Organizations and users are urged to stay vigilant as this threat continues to evolve.Buzz My Biz provides a unified cybersecurity platform ideal for business, education, healthcare, and local governments. Give us a call at (678) 389-9289 or schedule a meeting today .

Microsoft has issued an urgent security advisory addressing two critical vulnerabilities in SharePoint Server, identified as CVE-2025-53770 and CVE-2025-53771, which have been actively exploited since July 7, 2025. These zero-day flaws allow attackers to bypass authentication and execute remote code, posing a severe risk to organizations relying on SharePoint for collaboration and data management. The vulnerabilities, discovered by security researcher Nguyen Jang, affect all supported versions of SharePoint Server, including Subscription Edition and 2019. Microsoft’s swift response includes patches to mitigate the threat, but unpatched systems remain highly vulnerable to sophisticated cyberattacks.Buzz My Biz provides a unified cybersecurity platform ideal for business, education, healthcare, and local governments. Give us a call at (678) 389-9289 or schedule a meeting today .

In a bold move to counter North Korea’s illicit financial operations, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) has sanctioned Korea Sobaeksu Trading Company and three individuals—Kim Se Un, Jo Kyong Hun, and Myong Chol Min—for orchestrating a fraudulent IT worker scheme. This operation, designed to bypass U.S. and U.N. sanctions, has funneled millions into Pyongyang’s weapons of mass destruction (WMD) programs. By infiltrating over 300 U.S. companies with fake IT workers, the scheme generated an estimated $17 million in illicit revenue, highlighting the growing sophistication of North Korean cyber operations. The sanctions underscore the U.S. government’s commitment to disrupting these covert revenue streams that fuel the Kim regime’s destabilizing agenda.Buzz My Biz provides a unified cybersecurity platform ideal for business, education, healthcare, and local governments. Give us a call at (678) 389-9289 or schedule a meeting today .

In July 2025, McDonald’s faced a significant data breach involving its AI-powered hiring platform, McHire, developed by Paradox.ai. Security researchers Ian Carroll and Sam Curry discovered critical vulnerabilities that exposed the personal information of approximately 64 million job applicants. The breach stemmed from shockingly basic security flaws, including a default admin password of “123456” and an insecure direct object reference (IDOR) in an internal API, allowing unauthorized access to sensitive data such as names, email addresses, phone numbers, resumes, and chat transcripts with the AI chatbot “Olivia.”Buzz My Biz provides a unified cybersecurity platform ideal for business, education, healthcare, and local governments. Give us a call at (678) 389-9289 or schedule a meeting today .

In July 2025, a sophisticated cyberattack campaign has emerged, leveraging Microsoft Teams to deploy Matanbuchus 3.0, a potent malware loader. This evolved version of Matanbuchus, available as a Malware-as-a-Service  for as little as $2,500 on crime forums, boasts advanced stealth features like improved communication protocols, in-memory execution, and enhanced obfuscation. According to Morphisec, attackers are using social engineering tactics, impersonating IT help desk personnel via Teams calls to trick employees into granting remote access through Quick Assist. This campaign highlights the growing danger of trusted platforms being weaponized, making it critical for organizations to stay vigilant.Buzz My Biz provides a unified cybersecurity platform ideal for business, education, healthcare, and local governments. Give us a call at (678) 389-9289 or schedule a meeting today .

In May 2025, AT&T disclosed a massive data breach affecting approximately 86 million customer records, making it one of the largest cybersecurity incidents of the year. The breach involved sensitive personal information, including names, dates of birth, phone numbers, email addresses, physical addresses, and Social Security numbers. The compromised data was posted to a hacking forum, with samples provided to validate the claims, though AT&T’s investigation suggested the data was a compilation of previously leaked information, primarily from the 2024 Snowflake breach, rather than a new intrusion into their systems.Buzz My Biz provides a unified cybersecurity platform ideal for business, education, healthcare, and local governments. Give us a call at (678) 389-9289 or schedule a meeting today .

On July 2, 2025, Louis Vuitton, the flagship brand of the French luxury group LVMH, became the latest victim of a sophisticated cyberattack targeting its UK operations. Hackers gained unauthorized access to the retailer’s systems, stealing sensitive customer information, including names, contact details, and purchase histories. While the company has assured customers that no financial data, such as bank or credit card details, was compromised, the breach raises significant concerns about the vulnerability of even the most prestigious brands to cybercrime. This incident, reported by Bloomberg and confirmed by Louis Vuitton, marks a troubling trend in the retail sector, where cybercriminals are increasingly targeting high-profile companies.Read the full blog post: https://buzzmybiz.co/blog/louis-vuitton-data-breach-a-cybersecurity-wake-up-call-for-luxury-retailBuzz My Biz provides a unified cybersecurity platform ideal for business, education, healthcare, and local governments. Give us a call at (678) 389-9289 or schedule a meeting today .

On July 4, 2025, Ingram Micro, a global IT distributor with $48 billion in annual sales, was hit by a devastating SafePay ransomware attack, causing widespread system outages. The attack, reported by BleepingComputer, disrupted operations across the company’s global network, affecting customers and partners who rely on its services for cloud, commerce, and technology solutions. While Ingram Micro confirmed the incident and began restoring systems, the breach highlights the growing threat of ransomware targeting critical supply chain players. Read the full blog post: https://buzzmybiz.co/blog/ingram-micros-ransomware-attack-signals-threats-for-global-it-distributorsBuzz My Biz provides a unified cybersecurity platform ideal for business, education, healthcare, and local governments. Give us a call at (678) 389-9289 or schedule a meeting today .

On July 2, 2025, the city of Coppell, Texas, fell victim to a ransomware attack orchestrated by the RansomHub gang, compromising the personal data of approximately 17,000 residents. The attack targeted the city’s IT systems, exposing sensitive information such as names, addresses, Social Security numbers, and driver’s license details. The breach, discovered after unauthorized access to municipal servers, underscores the growing threat of ransomware targeting local governments, which often lack the robust cybersecurity defenses of larger organizations.Read the full blog post: https://buzzmybiz.co/blog/city-of-coppell-tx-faces-ransomware-nightmareBuzz My Biz provides a unified cybersecurity platform ideal for business, education, healthcare, and local governments. Give us a call at (678) 389-9289 or schedule a meeting today .

On the morning of June 26th, Hawaiian Airlines reported a major cybersecurity incident that disrupted its IT systems. Travel alerts were posted by 10:45 a.m. local time, confirming issues that impacted digital check-in, employee portals, and internal communications. The airline's Honolulu-based operations hub was at the center of the disturbance. While the cause wasn't initially disclosed, experts quickly suspected ransomware—a form of attack where hackers encrypt data and demand payment.Read the full blog post: https://buzzmybiz.co/blog/hawaiian-airlines-cyberattack-flights-safe-systems-targetedBuzz My Biz provides a unified cybersecurity platform ideal for business, education, healthcare, and local governments. Give us a call at (678) 389-9289 or schedule a meeting today .

British national Kai West, 25, known online as IntelBroker, was arrested in France in February 2025 and now faces extradition to the U.S. The unsealed indictment from the Southern District of New York accuses him of orchestrating a transnational cybercrime operation that inflicted over $25 million in damages from 2022 to 2025.Under his alias IntelBroker—and sometimes ‘Kyle Northern’—West ran a cybercriminal operation on BreachForums, reportedly posting more than 158 threads offering stolen data from over 40 companies, including Cisco, Apple, Deloitte, Europol, and more. Many sales were priced in Monero or Bitcoin, with at least $2 million in proceeds.Read the full blog post: https://buzzmybiz.co/blog/25yo-uk-hacker-arrested-for-25m-in-us-cybercrime-attacksBuzz My Biz provides a unified cybersecurity platform ideal for business, education, healthcare, and local governments. Give us a call at (678) 389-9289 or schedule a meeting today .

On June 12, Aflac detected unauthorized activity on its U.S. network and shut it down within hours—a response detailed in its June 20 SEC filing and press release. There was no ransomware involved, and core operations continued uninterrupted.Aflac cautions that files containing Social Security numbers, health records, claims data, employee and agent information may have been accessed. The full scale remains unknown, as the review process is ongoing.Read this full blog post: https://buzzmybiz.co/blog/aflac-data-breach-insurer-under-siegeBuzz My Biz provides a unified cybersecurity platform ideal for business, education, healthcare, and local governments. Give us a call at (678) 389-9289 or schedule a meeting today .

You might want to sit up for this one because a recent report just dropped a bombshell: around a million SMS two-factor authentication (2FA) codes were intercepted. Yep, those little six-digit codes that are supposed to keep your accounts super secure? They’ve been passing through some shady hands. According to a whistleblower in the tech industry, these codes went through an obscure foreign company with ties to government intelligence and digital surveillance firms. This news, reported by 9to5Mac, is a wake-up call about the vulnerabilities of SMS-based 2FA. Let’s dive into what this means and what you can do to protect yourself.Read this blog post: https://buzzmybiz.co/blog/million-code-heist-why-your-2fa-texts-arent-safe-and-how-to-fix-itBuzz My Biz provides a unified cybersecurity platform ideal for business, education, healthcare, and local governments. Give us a call at (678) 389-9289 or schedule a meeting today .

The U.S. State Department just put a $10 million bounty on the table for info on Iranian hackers tied to a nasty piece of malware called IOControl. This isn’t your average computer virus—it’s a cyberweapon targeting critical infrastructure like water systems, fuel pumps, and industrial controls in the U.S. and beyond. The hackers, linked to Iran’s Islamic Revolutionary Guard Corps (IRGC) through a group called CyberAv3ngers, are causing major headaches by messing with everything from routers to gas station systems.Read this blog post: https://buzzmybiz.co/blog/u.s.-drops-10m-bounty-on-iranian-hackers-the-iocontrol-malware-threatBuzz My Biz provides a unified cybersecurity platform ideal for business, education, healthcare, and local governments. Give us a call at (678) 389-9289 or schedule a meeting today .

Buckle up because the FBI just dropped a major warning about a cyberattack wave that’s hitting hard. The Play ransomware, linked to some seriously shady groups, has seen a skyrocketing number of victims in May 2025, targeting businesses and critical infrastructure across the Americas and Europe. This isn’t just a random hack—it’s a coordinated attack that’s wreaking havoc. Read this blog post: https://buzzmybiz.co/blog/fbis-urgent-alert-play-ransomware-explosion-threatens-all-protect-yourself-nowBuzz My Biz provides a unified cybersecurity platform ideal for business, education, healthcare, and local governments. Give us a call at (678) 389-9289 or schedule a meeting today .

A large-scale account takeover (ATO) campaign, dubbed UNK_SneakyStrike, targeted over 80,000 Microsoft Entra ID accounts across approximately 100 cloud tenants, as reported by The Hacker News on June 12, 2025. The campaign, which peaked in January 2025 with 16,500 accounts targeted in a single day, exploits the open-source penetration testing tool TeamFiltration to conduct password-spraying attacks. These attacks, aimed at Microsoft 365 services like Outlook, Teams, and OneDrive, highlight the growing misuse of legitimate tools for malicious purposes, compromising hundreds of organizations worldwide.Read this blog post: https://buzzmybiz.co/blog/unk_sneakystrike-a-massive-microsoft-entra-id-account-takeover-campaignBuzz My Biz provides a unified cybersecurity platform ideal for business, education, healthcare, and local governments. Give us a call at (678) 389-9289 or schedule a meeting today .

A staggering 269,552 websites were infected with the JSFireTruck JavaScript malware between March 26 and April 25, 2025, according to a report by Palo Alto Networks Unit 42, published on June 13, 2025. This large-scale campaign, which peaked with over 50,000 compromised web pages on April 12, uses sophisticated obfuscation techniques like JSFuck to evade detection. The malware redirects visitors from search engines to malicious sites hosting fake CAPTCHAs, tech support scams, and additional malware, posing a significant threat to unsuspecting users. The campaign’s scale and stealth highlight the growing challenge of securing websites against advanced cyber threats.Read this blog post: https://buzzmybiz.co/blog/massive-jsfiretruck-malware-campaign-targets-269k-websitesBuzz My Biz provides a unified cybersecurity platform ideal for business, education, healthcare, and local governments. Give us a call at (678) 389-9289 or schedule a meeting today .

A recent report highlights cybersecurity as a pressing concern for businesses worldwide. Drawing insights from 1,200 business leaders across more than 20 countries, the report reveals that approximately 75% of respondents experienced heightened anxiety about cybersecurity and privacy over the past year. Malware, flagged by nearly half of those surveyed, and data extortion, cited by over a third, dominate these fears. Against a backdrop of escalating global tensions, the findings emphasize the urgent need for organizations to strengthen their cybersecurity measures to counter increasingly sophisticated threats.Buzz My Biz provides a unified cybersecurity platform ideal for business, education, healthcare, and local governments. Give us a call at (678) 389-9289 or schedule a meeting today .

The Cybersecurity and Infrastructure Security Agency (CISA) has recently faced a substantial reduction in force, with approximately one-third of its workforce—about 1,000 employees—departing under the Trump administration’s 17% budget cuts and voluntary buyout offers. Despite this contraction, the private sector is stepping into the breach: cybersecurity job listings are climbing at a robust 12% year-over-year. However, a significant skills mismatch remains, with only 74 qualified candidates available for every 100 open positions.Buzz My Biz provides a unified cybersecurity platform ideal for business, education, healthcare, and local governments. Give us a call at (678) 389-9289 or schedule a meeting today .

Victoria’s Secret disclosed that a cybersecurity breach—detected on May 24, 2025—led to the precautionary shutdown of its U.S. corporate systems and e-commerce site by May 26, keeping it offline for several days. The outage disrupted online shopping and in‑store services like returns, frustrating customers during the busy Memorial Day weekend. The company immediately activated incident-response protocols and enlisted third-party cybersecurity experts to contain the threat and restore operations.Buzz My Biz provides a unified cybersecurity platform ideal for business, education, healthcare, and local governments. Give us a call at (678) 389-9289 or schedule a meeting today .

A financially motivated threat actor, known as UNC6040, has been orchestrating a sophisticated vishing (voice phishing) and extortion campaign targeting Salesforce users securityweek.com bleepingcomputer.com. The attackers impersonate IT support staff and call English-speaking employees at organizations spanning sectors like education, hospitality, and retail. During these calls, victims are instructed to approve a malicious version of Salesforce’s Data Loader connected app—granting attackers the ability to access and transfer sensitive data from their Salesforce environments.Buzz My Biz provides a unified cybersecurity platform ideal for business, education, healthcare, and local governments. Give us a call at (678) 389-9289 or schedule a meeting today .

A recent study by Dimensional Research and SailPoint highlights growing concerns over the security implications of agentic AI—autonomous bots capable of executing complex tasks without human oversight. The research reveals that 82% of organizations have already integrated these AI agents into their operations, with projections estimating over 1.3 billion users by 2028. Despite their widespread adoption, these agents pose significant risks: 23% of IT professionals reported instances where AI agents were deceived into revealing access credentials, and 80% noted unintended actions such as unauthorized system access or inappropriate data sharing. Alarmingly, while 96% of tech professionals acknowledge these security threats, only 54% have full visibility into AI agent activities, and a mere 44% have implemented governance policies to manage them. Buzz My Biz provides a unified cybersecurity platform ideal for business, education, healthcare, and local governments. Give us a call at (678) 389-9289 or schedule a meeting today .

Cybercriminals are increasingly leveraging AI-generated videos on platforms like TikTok to disseminate infostealer malware. These deceptive videos often masquerade as tutorials or promotional content, featuring AI-generated personas that appear trustworthy and familiar to viewers. Once engaged, users are directed to download malicious software such as RedLine, Raccoon, and Vidar, which are designed to extract sensitive information including passwords, banking details, and cryptocurrency wallet data. This tactic exploits the widespread trust in social media content and the persuasive nature of AI-generated avatars to enhance the effectiveness of phishing schemes.Buzz My Biz provides a unified cybersecurity platform ideal for business, education, healthcare, and local governments. Give us a call at (678) 389-9289 or schedule a meeting today .

On May 29, 2025, the U.S. House Committee on Homeland Security convened a field hearing at Stanford University's Hoover Institution to address the nation's cybersecurity vulnerabilities. Chaired by Representative Mark Green of Tennessee, the session featured testimonies from cybersecurity experts, including former National Security Advisor H.R. McMaster, Palo Alto Networks' Wendi Whitmore, Google Cloud's Jeanette Manfra, and Corridor CEO Jack Cable. The discussion highlighted the imbalance between attackers and defenders in cyberspace, emphasizing that while hackers require minimal resources, victims must invest heavily in defense and often face reputational damage. Whitmore advocated for viewing companies as victims rather than culprits in cyber incidents, stressing the need for a societal shift in perception.Buzz My Biz provides a unified cybersecurity platform ideal for business, education, healthcare, and local governments. Give us a call at (678) 389-9289 or schedule a meeting today .

Why are IT Leaders Moving from Active Directory to ZTNA? IT security is evolving fast. If you're still relying on traditional Active Directory access controls to protect your Microsoft Server environment, it might be time to rethink your strategy. In this post, I talk about why IT leaders are choosing Zero Trust Network Access — or ZTNA — to stay ahead of today’s threats.ZTNA isn’t just more secure — it’s built for how we work today. If you're modernizing your IT infrastructure, supporting remote teams, or just want to sleep better at night, moving beyond traditional AD access controls is the smart move. Zero Trust isn’t a buzzword — it’s the future.In this episode, we discuss 5 Reasons why ZTNA blows away Active Directory.Buzz My Biz provides a unified cybersecurity platform ideal for business, education, healthcare, and local governments. Give us a call at (678) 389-9289 or schedule a meeting today .

EDR is a cybersecurity tool that monitors devices like laptops and servers, detecting and responding to threats in real time. Unlike traditional antivirus, which uses known malware signatures, EDR watches for suspicious behavior, like a program rapidly encrypting files—a ransomware red flag. Think of it as a security guard for every device.In this episodes, we discuss five ways EDR Stops Ransomware in its tracks.Buzz My Biz provides a unified cybersecurity platform ideal for business, education, healthcare, and local governments. Give us a call at (678) 389-9289 or schedule a meeting today .

Are Passkeys Secure? Yes, passkeys are secure—and arguably the future of login security. They offer a phishing-resistant, user-friendly alternative to passwords and are being widely adopted by tech giants like Google, Apple, Microsoft, and others.In this episode we discuss the 5 reasons why Passkeys really are the future of login security.Buzz My Biz provides a unified cybersecurity platform ideal for business, education, healthcare, and local governments. Give us a call at (678) 389-9289 or schedule a meeting today .

Cybersecurity in 2025 is a battlefield. The threats are smarter, faster, and more relentless than ever before. Let’s break down the Top Cyber Threat Trends you need to know about emerging cybersecurity trends in 2025.Buzz My Biz provides a unified cybersecurity platform ideal for business, education, healthcare, and local governments. Give us a call at (678) 389-9289 or schedule a meeting today .

A concerning trend is emerging across the business landscape: cybercriminals are increasingly turning to invoice fraud as a tactic to exploit small and medium-sized businesses. Here's how to help prevent your business from falling victim to invoice fraud.Buzz My Biz provides a unified cybersecurity platform ideal for business, education, healthcare, and local governments. Give us a call at (678) 389-9289 or schedule a meeting today .