The week was especially full of dramatic security news. On Friday, a faulty update to CrowdStrike’s Falcon platform caused massive service outages worldwide. The issue, which only affected Windows computers, led to PC and server failures, disrupting air travel, hospitals, banks, universities, and more.
Earlier this week, WIRED reported that following a massive data breach, AT&T paid $370,000 to have hackers delete stolen data. And while it’s always possible that the attackers kept a copy of the trove, a security researcher with knowledge of the transaction told WIRED that he believes the only copy has been deleted. In a separate incident, hackers claimed last week to have stolen and leaked more than a terabyte of data comprising Disney’s entire Slack archive.
A WIRED analysis of Republican vice presidential candidate JD Vance’s Venmo account sheds some light on the senator’s network and connections, including some of the architects of Project 2025 and enemies of Vance’s running mate Donald Trump.
On Tuesday, federal prosecutors charged a 20-year-old man with being the alleged leader of the violent Eastern European white supremacist gang known as the “Maniac Murder Cult,” or MKY. The group has been implicated in a series of robberies and attacks abroad, including at least one murder.
The recent decision of the Supreme Court of the United States in Loper Bright Enterprises v. Raimondo The repeal of what is known as the Chevron deference will have major implications for U.S. cybersecurity advocacy, because federal agencies now have limited ability to regulate. And U.S. Sen. Mark Warner of Virginia is working to pass new limits on government wiretapping, but at least two senators are quietly trying to stop him.
And there’s more. Every week, we round up the security news we didn’t cover in depth. Click on the headlines to read the full stories and stay safe.
Sometimes “Julia,” the mysterious Russian hacker who uses a pseudonym and tells you about her grandiose plans to sabotage the West, is actually just Julia. Or Yuliya.
On Friday, the Treasury Department announced that it will impose sanctions on two suspected Russian cybercriminals for their alleged involvement with the Cyber Army of Russia Reborn (CARR) hacker group, which rose to prominence this year for its reckless and somewhat careless attacks on Western critical infrastructure, as well as its apparent ties to Russia’s GRU military intelligence agency. The Treasury statement identifies those two sanctioned hackers for the first time as Yuliya Vladimirovna Pankratova and Denis Olegovich Degtyarenko.
In May, WIRED interviewed a CARR spokeswoman who called herself Julia about the group’s attacks, which included one that caused tens of thousands of gallons of water to spill from a water utility in the small town of Muleshoe, Texas. It now appears that spokeswoman was likely Pankratova, whom the Treasury identifies as a CARR spokeswoman, while Degtyarenko is described as its “lead hacker.”
