In partnership with

🚨 When Ransomware Becomes a Civic Emergency

St. Paul’s 2025 ransomware crisis marked a turning point: a U.S. capital city invoking emergency powers and National Guard cyber units to defend itself from a digital extortion crew. That moment crystallized a reality many practitioners already understood — ransomware has joined hurricanes and power failures on the list of scenarios every city must plan for.

If you work in or with local government, the call to action is direct. Treat ransomware not as a distant headline but as a foreseeable hazard. Run one serious tabletop this quarter, identify at least three high‑impact gaps, and start closing them before you find yourself drafting an emergency declaration at 3 a.m…

The news IT leaders crave

If your job touches cybersecurity, software, cloud, or IT operations, staying informed isn’t optional.

IT Brew is a free, four-times-a-week newsletter covering the trends shaping business tech—from infrastructure and strategy to the tools teams actually rely on.

Clear context. Focused coverage. Built for professionals running IT—not just talking about it.

Check it out

⚠️ Threat Updates

🔴 Warlock Ransomware Abuses Unpatched Mail Servers in Supply-Chain Style Attack (02/10/26)

Warlock ransomware operators breached SmarterTools by exploiting unpatched SmarterMail vulnerabilities to gain Windows server access and deploy encryption payloads, demonstrating how neglected perimeter messaging services become high‑leverage entry points for downstream compromise. US MSPs and IT leaders should immediately inventory self‑hosted mail and collaboration servers, validate patch levels against current advisories, restrict direct internet exposure, and ensure that EDR coverage and immutable backups exist for any system providing external email or file transfer services. » More Info

🔴 Targeted Vishing Campaigns Masquerade as IT Help Desks to Steal Credentials (02/06/26)

New York’s Department of Financial Services warned of active vishing campaigns in which threat actors impersonate internal or vendor IT support to socially engineer password resets, MFA enrollment changes, and remote‑access approvals, bypassing technical controls through voice social engineering. US financial and professional services firms must formalize call‑back verification for any access‑related phone request, restrict who can modify MFA and VPN settings, log and monitor help‑desk changes, and add scenario‑based vishing drills to security awareness programs and tabletop exercises. » More Info

​

🗨️ Parting Words

“Never trust a computer you can't throw out a window.” — Steve Wozniak

Are you a vCISO or MSP looking to operationalize security programs? Let’s discuss how Blacksmith Infosec proves that compliance is an opportunity, not a struggle that has to be packaged in FUD!