Inside the FBI, Russia, and Ukraine's failed cybercrime investigation

Russia and Ukraine promised to cooperate and help catch the world's most successful hackers. But things didn't quite go to plan. The American cops took the slower, cheaper train from Kyiv to Donetsk. After repeatedly traveling between Ukraine and the United States, there were more comfortable ways to make this final, 400-mile journey.

MIT Technology Review

'Barely able to keep up': America's cyberwarriors are spread thin by attacks

Charles Carmakal has a problem: Ransomware has become so prolific that he has too much business. "We're getting calls from organizations almost every single day," Carmakal, the chief technology officer at the cybersecurity giant Mandiant, said in a phone call. "We're barely able to keep up."

NBC News

SonicWall warns of 'imminent ransomware campaign' targeting its EOL equipment - The Record by Recorded Future

Networking equipment vendor SonicWall has released an urgent security alert to its customers to warn companies of "an imminent ransomware campaign" targeting some of its equipment. Through the course of collaboration with trusted third parties, SonicWall has been made aware of threat actors actively targeting Secure Mobile Access (SMA) 100 series and Secure Remote Access (SRA) products running unpatched and end-of-life (EOL) 8.x firmware in an imminent ransomware campaign using stolen credentials.

The Record by Recorded Future

Microsoft discovers threat actor targeting SolarWinds Serv-U software with 0-day exploit | Microsoft Security Blog

Microsoft has detected a 0-day remote code execution exploit being used to attack SolarWinds Serv-U FTP software in limited and targeted attacks. The Microsoft Threat Intelligence Center (MSTIC) attributes this campaign with high confidence to DEV-0322, a group operating out of China.

Microsoft Security Blog

Samsung Washing Machine App Requires Access to Your Contacts and Location

The reviews for these two apps, both of which have more than a million installs according to their stats on the Google Play store, aren't very positive either.

Vice

Clarified Guidance for CVE-2021-34527 Windows Print Spooler Vulnerability

On Tuesday July 6, 2021, Microsoft issued CVE-2021-34527 regarding a Windows Print Spooler vulnerability. Updates were released on July 6 and 7 which addressed the vulnerability for all supported Windows versions. We encourage customers to update as soon as possible. CVE-2021-34527 - Windows Print Spooler Remote Code Execution Vulnerability.

Microsoft

Biden tells Putin the U.S. will take 'any necessary action' after latest massive ransomware attack, White House says

President Biden told Russian President Vladimir Putin Friday that the United States will take "any necessary action" after the latest massive ransomware attack, the White House said. Biden has been under pressure to counter and blunt the impact of the costly, increasingly brazen assaults by what the U.S. says are Russia-based hackers.

Washington Post

Observations and Recommendations from the Ongoing REvil-Kaseya Incident - Gigamon Blog

On July 2, 2021, software vendor Kaseya's VSA remote monitoring and management tool became the point of focus for an intrusion campaign impacting multiple managed service providers (MSPs).

Gigamon Blog

Sources: Microsoft has agreed to acquire cybersecurity company RiskIQ; a source says Microsoft will pay over $500M

Bloomberg: Sources: Microsoft has agreed to acquire cybersecurity company RiskIQ; a source says Microsoft will pay over $500M

Techmeme

Microsoft's emergency patch fails to fix critical "PrintNightmare" vulnerability

An emergency patch Microsoft issued on Tuesday fails to fully fix a critical security vulnerability in all supported versions of Windows that allows attackers to take control of infected systems and run code of their choice, researchers said. The threat, colloquially known as PrintNightmare, stems from bugs in the Windows print spooler, which provides printing functionality inside local networks.

Ars Technica