A sophisticated cyberattack on the City of St. Paul, Minnesota incapacitated municipal IT systems. Governor Tim Walz has activated the National Guard’s cyber protection unit to assist, as the incident overwhelmed local response efforts. The city shut down network services to contain the threat, while the FBI and federal partners are investigating.
Security researchers warn that the Warlock ransomware group (tied to Black Basta) is targeting unpatched Microsoft SharePoint servers. More than 400 organizations—including U.S. government bodies—have been compromised. Experts emphasize that persistence mechanisms mean patching alone may not eliminate risk.
The newly surfaced Chaos ransomware gang has deployed a high-performance Linux variant capable of partial encryption with up to 100 concurrent threads. Industries across multiple countries are being targeted with heightened sophistication.
Ravenshaw University’s official website was redirected to a placeholder page, and its Higher Education Department Instagram account posted unrelated content. The breach was later remediated, and authorities have been notified.
Governor Kathy Hochul has enacted legislation requiring municipal authorities to report cybersecurity incidents within 72 hours and disclose ransomware payments within 24 hours, including detailed information about the incident and justification.
| Domain | Recommended Response |
|---|---|
| Municipal IT Systems | Isolate compromised servers, engage forensic teams, enhance cyber defense readiness. |
| SharePoint Servers | Patch immediately, hunt for persistence, lock down admin access, monitor logs. |
| Linux Environments | Harden systems, deploy behavioral detection, prepare recovery playbooks. |
| Academic Institutions | Monitor account activity, enforce multifactor authentication, train admin teams. |
| Regulatory Compliance | Align incident response policy to meet new reporting timelines. |