🚧 Preparing for State-Level Privacy Laws

Unlike traditional IT security requirements, these privacy laws introduce complex, overlapping mandates that vary from state to state, affecting everything from data collection and sharing to breach notification and consumer rights. For MSPs, the challenge is twofold: you must ensure your own compliance while also guiding a diverse client base through a maze of new rules.

⚒️ Blacksmith Infosec at IT Nation Secure

IT Nation Secure is wrapping up today, and the Blacksmith team will be coming home with loads of interview footage and interesting discussions for the Get NIST-y ITN Secure Roundup episode on June 12th!

Streamline IT management with 'The World at Work 2024: Deel IT

Discover how you can transform your IT operations, enhancing operational efficiency & compliance across borders. Our guide has essential strategies for managing a global workforce.

Download free guide

Check out the latest episodes of our compliance-focused video podcast!

🚨 Ransomware in 2025 and the Rise of Multiple Extortion

The rise of multi-extortion ransomware marks a turning point in cybersecurity, reflecting the ruthless ingenuity of modern cybercriminals. No longer satisfied with simply encrypting files, attackers now employ a layered approach to maximize pressure on victims and escalate ransom demands. This evolution has dramatically increased the stakes for organizations by amplifying risks across the board.

⚠️ Threat Updates

🔴 LummaC2 Malware Campaigns Target U.S. Critical Infrastructure (6/4/25)

Federal authorities have issued a new warning about active LummaC2 malware campaigns targeting critical infrastructure across the United States. Throughout May and into June, threat actors have used the LummaC2 infostealer to exploit security gaps, stealing credentials, financial records, and high-value data from organizations in vital sectors. Security agencies urge organizations to review the latest advisories and bolster defenses to mitigate the impact of this rapidly evolving threat. » More Info

🔴 Nation-State Hackers Exploit Rogue Devices in U.S. Energy Sector (5/25/25)

Security experts are sounding the alarm after reports revealed that nation-state actors — particularly from China — are exploiting rogue communication devices embedded in solar power inverters and other critical infrastructure components in the U.S. These undocumented channels could allow attackers to bypass firewalls and remotely disrupt or destroy core systems, posing a severe risk to the national power grid. Recent discoveries have intensified concerns about the vulnerability of America’s energy sector to sophisticated cyber and AI-driven attacks, prompting calls for urgent modernization and increased public-private collaboration on grid security. » More Info

🗨️ Parting Words

“The real danger is not that computers will begin to think like men, but that men will begin to think like computers.”

— Sydney Harris

Are you a vCISO or MSP looking to operationalize security programs? Let’s discuss how Blacksmith can form the backbone of your profitable, low-lift compliance offering.