U.S. Sanctions Target North Korean IT Scheme: Unmasking a $17M Cyber Fraud

CISA: Ransomware Attack Disrupts Trimble Cityworks, Threatening Local Governments

In late February 2025, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued a critical alert regarding a ransomware attack targeting Trimble Cityworks, an asset management platform widely used by local governments and infrastructure organizations across the United States. The attack, detailed in a report by Cyber Security Hub, exploits vulnerabilities in Cityworks’ systems, enabling attackers to encrypt critical data and disrupt municipal operations. This incident, discovered in early 2025, has raised concerns about the security of software integral to managing public infrastructure, from utilities to public works. Buzz My Biz [https://buzzmybiz.co] provides a unified cybersecurity platform ideal for business, education, healthcare, and local governments. Give us a call at (678) 389-9289 or schedule a meeting today [https://meetings.hubspot.com/buzzmybiz/meet-w-randy%20] .

St. Paul Under Siege: Minnesota National Guard Mobilized in Response to Sophisticated Cyberattack

On July 25, 2025, the city of St. Paul, Minnesota, faced a digital onslaught that brought its municipal systems to a standstill. What began as "suspicious activity" detected on the city's internal networks quickly escalated into a confirmed cyberattack, described by Mayor Melvin Carter as a "deliberate, coordinated digital attack" orchestrated by a sophisticated external actor. The breach targeted critical infrastructure, forcing the city to shut down its IT systems, including Wi-Fi in public buildings and online payment services. This unprecedented disruption prompted a state of emergency, as St. Paul grappled with the immediate fallout of an attack that has left residents and officials scrambling to restore normalcy. Buzz My Biz [https://buzzmybiz.co] provides a unified cybersecurity platform ideal for business, education, healthcare, and local governments. Give us a call at (678) 389-9289 or schedule a meeting today [https://meetings.hubspot.com/buzzmybiz/meet-w-randy%20] .

Gunra Ransomware Emerges as a New Threat Targeting Windows Systems

A new ransomware strain, dubbed Gunra, has surfaced as a significant threat to Windows systems, with attacks detected as early as July 2025. This sophisticated malware, identified by security researchers at Palo Alto Networks’ Unit 42, targets both individual and enterprise Windows environments, encrypting critical files and demanding cryptocurrency ransoms. Unlike typical ransomware, Gunra employs advanced obfuscation techniques and targets system vulnerabilities, making it a formidable challenge for cybersecurity defenses. Organizations and users are urged to stay vigilant as this threat continues to evolve. Buzz My Biz [https://buzzmybiz.co] provides a unified cybersecurity platform ideal for business, education, healthcare, and local governments. Give us a call at (678) 389-9289 or schedule a meeting today [https://meetings.hubspot.com/buzzmybiz/meet-w-randy%20] .

Microsoft SharePoint Zero-Day Exploited: Urgent Patch Issued for Critical Flaws

Microsoft has issued an urgent security advisory addressing two critical vulnerabilities in SharePoint Server, identified as CVE-2025-53770 and CVE-2025-53771, which have been actively exploited since July 7, 2025. These zero-day flaws allow attackers to bypass authentication and execute remote code, posing a severe risk to organizations relying on SharePoint for collaboration and data management. The vulnerabilities, discovered by security researcher Nguyen Jang, affect all supported versions of SharePoint Server, including Subscription Edition and 2019. Microsoft’s swift response includes patches to mitigate the threat, but unpatched systems remain highly vulnerable to sophisticated cyberattacks. Buzz My Biz [https://buzzmybiz.co] provides a unified cybersecurity platform ideal for business, education, healthcare, and local governments. Give us a call at (678) 389-9289 or schedule a meeting today [https://meetings.hubspot.com/buzzmybiz/meet-w-randy%20] .

U.S. Sanctions Target North Korean IT Scheme: Unmasking a $17M Cyber Fraud

In a bold move to counter North Korea’s illicit financial operations, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) has sanctioned Korea Sobaeksu Trading Company and three individuals—Kim Se Un, Jo Kyong Hun, and Myong Chol Min—for orchestrating a fraudulent IT worker scheme. This operation, designed to bypass U.S. and U.N. sanctions, has funneled millions into Pyongyang’s weapons of mass destruction (WMD) programs. By infiltrating over 300 U.S. companies with fake IT workers, the scheme generated an estimated $17 million in illicit revenue, highlighting the growing sophistication of North Korean cyber operations. The sanctions underscore the U.S. government’s commitment to disrupting these covert revenue streams that fuel the Kim regime’s destabilizing agenda. Buzz My Biz [https://buzzmybiz.co] provides a unified cybersecurity platform ideal for business, education, healthcare, and local governments. Give us a call at (678) 389-9289 or schedule a meeting today [https://meetings.hubspot.com/buzzmybiz/meet-w-randy%20] .