Ryan Gallagher
@rjgallagher.co.uk
Investigative reporter @Bloomberg.com covering technology & cybersecurity.
Anonymous tips: https://tips.hushline.app/to/ryan
Email: ryan@rjgallagher.co.uk
Signal/WhatsApp: +44 737-678-6842
Anonymous tips: https://tips.hushline.app/to/ryan
Email: ryan@rjgallagher.co.uk
Signal/WhatsApp: +44 737-678-6842
In 2012, yes! Microsoft accused a company called Hangzhou DPtech Technologies of leaking a Windows vulnerability and booted it out of MAPP
August 20, 2025 at 4:39 PM
In 2012, yes! Microsoft accused a company called Hangzhou DPtech Technologies of leaking a Windows vulnerability and booted it out of MAPP
Microsoft said in a statement it would "review this incident, find areas to improve, and apply those improvements broadly." Full story: www.bloomberg.com/news/article...
Microsoft Probing If Chinese Hackers Learned of Flaws Via Alert
Microsoft Corp. is investigating whether a leak from its early alert system for cybersecurity companies allowed Chinese hackers to exploit flaws in its SharePoint service before they were patched, acc...
www.bloomberg.com
July 25, 2025 at 6:41 PM
Microsoft said in a statement it would "review this incident, find areas to improve, and apply those improvements broadly." Full story: www.bloomberg.com/news/article...
Victims of the SharePoint attacks, which were first detected on July 7, now total more than 400 government agencies and corporations worldwide, including the US's National Nuclear Security Administration, the division responsible for designing and maintaining the country's nuclear weapons.
July 25, 2025 at 6:41 PM
Victims of the SharePoint attacks, which were first detected on July 7, now total more than 400 government agencies and corporations worldwide, including the US's National Nuclear Security Administration, the division responsible for designing and maintaining the country's nuclear weapons.
Some of the Chinese companies that are involved in MAPP are also members of a Chinese government vulnerability reporting program, the China National Vulnerability Database, which is operated by the country’s Ministry of State Security.
July 25, 2025 at 6:41 PM
Some of the Chinese companies that are involved in MAPP are also members of a Chinese government vulnerability reporting program, the China National Vulnerability Database, which is operated by the country’s Ministry of State Security.
Microsoft has attributed SharePoint breaches to state-sponsored hackers from China, and at least a dozen Chinese companies participate in the alert sharing initiative, called the Microsoft Active Protections Program, or MAPP.
July 25, 2025 at 6:41 PM
Microsoft has attributed SharePoint breaches to state-sponsored hackers from China, and at least a dozen Chinese companies participate in the alert sharing initiative, called the Microsoft Active Protections Program, or MAPP.
Portugal's National Cybersecurity Centre says: "There is no evidence to date pointing to a cyberattack. We would like to draw attention to the circulation of disinformation that occurs in these situations, and we therefore advise that every information should be confirmed with reliable sources."
April 28, 2025 at 2:34 PM
Portugal's National Cybersecurity Centre says: "There is no evidence to date pointing to a cyberattack. We would like to draw attention to the circulation of disinformation that occurs in these situations, and we therefore advise that every information should be confirmed with reliable sources."
Full story: www.bloomberg.com/news/article...
Ukraine Is an `Easy Target' for Russian Hackers After US Aid Pullback
American cybersecurity assistance has been crucial to helping war-torn country fend off hacks, experts say.
www.bloomberg.com
April 25, 2025 at 4:27 PM
Full story: www.bloomberg.com/news/article...
The end result is that Ukraine's digital front lines are weaker now, making the country an “easy target” for Russia, said Yegor Aushev, a Kyiv-based cybersecurity expert. The “sudden & unannounced shutdown” of cyber operations, he said, “has created a significant challenge.”
April 25, 2025 at 4:27 PM
The end result is that Ukraine's digital front lines are weaker now, making the country an “easy target” for Russia, said Yegor Aushev, a Kyiv-based cybersecurity expert. The “sudden & unannounced shutdown” of cyber operations, he said, “has created a significant challenge.”
“Many projects were stopped halfway, contractors were let go before finishing their work, & a lot of plans didn’t get the chance to reach their full potential,” Mankish said.
April 25, 2025 at 4:27 PM
“Many projects were stopped halfway, contractors were let go before finishing their work, & a lot of plans didn’t get the chance to reach their full potential,” Mankish said.
Andrii Mankish, a Ukrainian cybersecurity expert who worked on US-funded projects to identify Russian hacking attempts, said the US's cyber pullback was likely to “impact our efforts & slow down progress in key areas.” Long-planned cybersecurity projects had suddenly ended, he said.
April 25, 2025 at 4:27 PM
Andrii Mankish, a Ukrainian cybersecurity expert who worked on US-funded projects to identify Russian hacking attempts, said the US's cyber pullback was likely to “impact our efforts & slow down progress in key areas.” Long-planned cybersecurity projects had suddenly ended, he said.
That work is now paused & it's unclear whether it will resume -- Ukrainians say they have been left in the dark. Equipment & services that were to be provided to the country for ongoing initiatives, such as a project to strengthen the country’s central election commission, are now not going ahead.
April 25, 2025 at 4:27 PM
That work is now paused & it's unclear whether it will resume -- Ukrainians say they have been left in the dark. Equipment & services that were to be provided to the country for ongoing initiatives, such as a project to strengthen the country’s central election commission, are now not going ahead.
US cybersecurity assistance had included specialist support, training, equipment & software to organizations across Ukraine, including to dozens of government offices & departments & to key gas & electricity providers, the national bank & nuclear facilities such as Chernobyl.
April 25, 2025 at 4:27 PM
US cybersecurity assistance had included specialist support, training, equipment & software to organizations across Ukraine, including to dozens of government offices & departments & to key gas & electricity providers, the national bank & nuclear facilities such as Chernobyl.
Awesome news Will, congrats!
April 9, 2025 at 5:58 PM
Awesome news Will, congrats!