According to federal authorities, these are the Russian hackers who attacked US water utilities

The week was particularly packed with dramatic security news. On Friday, a faulty update to CrowdStrike’s Falcon platform caused massive service outages and disruptions around the world. The problem, which only affected Windows computers, crashed PCs and servers and impacted air traffic, hospitals, banks, universities and more.

Earlier this week, WIRED reported that AT&T paid $370,000 for hackers to delete the stolen data after a massive data breach. And while it’s always possible the attackers saved a copy of the data, a security researcher familiar with the transaction told WIRED he believes only the single copy was deleted. In a separate incident last week, hackers claimed to have stolen and shared more than a terabyte of data, representing Disney’s entire Slack archive.

A WIRED analysis of Republican vice presidential candidate JD Vance’s Venmo account sheds light on the senator’s network and connections, including some of the architects of Project 2025 and enemies of Vance’s running mate Donald Trump.

Federal prosecutors on Tuesday charged a 20-year-old man with allegedly leading the violent and white supremacist Eastern European gang known as the Maniac Murder Cult (MKY). The group has been involved in a series of assaults and attacks abroad, including at least one murder.

The recent decision of the US Supreme Court in Loper Bright Enterprises v. Raimondo The repeal of the so-called Chevron rule will have a significant impact on U.S. cybersecurity defenses because federal agencies’ ability to regulate will now be limited. And U.S. Senator Mark Warner of Virginia is working to push through new restrictions on government wiretapping, but at least two senators are secretly trying to stop him from doing so.

And that’s not all. Each week we round up the security news we didn’t cover in depth ourselves. Click on the headlines to read the full articles and stay safe out there.

Sometimes “Julia,” the mysterious Russian hacker under a pseudonym who tells you about her grand plans to sabotage the West, is really just Julia. Or Yuliya.

On Friday, the U.S. Treasury Department announced that it was imposing sanctions on two suspected Russian cybercriminals for their alleged involvement in the hacktivist group Cyber ​​​​Army of Russia Reborn (CARR). CARR has become known this year for its reckless and somewhat sloppy attacks on Western critical infrastructure, as well as its apparent ties to Russia’s GRU military intelligence agency. The two sanctioned hackers are first identified in the Treasury statement as Yuliya Vladimirovna Pankratova and Denis Olegovich Degtyarenko.

In May, WIRED interviewed a CARR spokeswoman who called herself Julia about the group’s attacks, which included one that leaked tens of thousands of gallons of water from a water treatment plant in the small town of Muleshoe, Texas. That spokeswoman now appears likely to have been Pankratova, who was identified by the Treasury Department as a CARR spokeswoman, while Degtyarenko is described as its “lead hacker.”