Crypto Exchange Also Scraps Plans for Lending Program Amid SEC Pushback
U.S.-based cryptocurrency exchange Coinbase has contracted with the U.S. Department of Homeland Security to provide its blockchain monitoring software, according to government tracking sites. The U.S.-based exchange also withdrew plans to launch a crypto lending program amid tensions with the SEC.

https://www.inforisktoday.co.uk/coinbase-contracts-dhs-for-blockchain-analytics-a-17586

Researchers Believe NEW Cooperative Targeted By BlackMatter Gang
NEW Cooperative, an Iowa-based farm services cooperative, has reportedly been targeted by the BlackMatter ransomware gang, demanding a $5.9 million payment from the organization, according to security researchers and published reports. The cooperative is working with law enforcement.

https://www.inforisktoday.co.uk/ransomware-reportedly-hits-iowa-farm-services-cooperative-a-17582

Alaska DHSS’ IT Systems Are Still Recovering from Nation-State-Sponsored Attack
Alaska’s Department of Health and Social Services says it is notifying “all Alaskans” that their personal and protected health information may have been compromised in a nation-state-sponsored cyberattack that was detected in May, from which the department is still recovering.

https://www.inforisktoday.co.uk/post-attack-health-agency-notifying-all-alaskans-a-17578

Compromised PII Includes Names, Email and Phone Numbers
The French shipping firm CMA CGM reported on Monday that it had been struck with a data breach almost a year after it was hit with a ransomware attack that knocked its systems offline for several days.

https://www.inforisktoday.co.uk/shipping-giant-cma-cgm-hit-second-attack-a-17579

Cross-Chain Protocol pNetwork Offers Hacker ‘Clean’ $1.5 Million Bug Bounty
In the latest security incident involving a decentralized finance protocol, cross-chain project pNetwork announced Sunday it had been hacked for 277 pBTC, a form of wrapped bitcoin, with losses worth over $12 million at current value.

https://www.inforisktoday.co.uk/hacker-makes-off-12-million-in-latest-defi-breach-a-17580

Nation-State Chinese Groups APT27, APT41 Likely Candidates
Earlier this month, McAfee Enterprise’s Advanced Threat Research team, working with McAfee’s Professional Services IR team, reported that an APT campaign dubbed Operation Harvest had been in operation for years. Their analysis provides insight into the group’s tools, tactics and techniques.

https://www.inforisktoday.co.uk/chinese-apt-data-harvesting-campaign-analyzed-a-17581

MicroTik Flaws Still Being Exploited, But There Are Mitigation Steps
The Mēris botnet, responsible for huge waves of DDoS attacks recorded by cybersecurity firms Qrator Labs and Cloudflare, is still active, using “abandoned” MikroTik routers. The attack signatures saw a spike of 21.8 million requests per second, exploiting a vulnerable version of MikroTik RouterOS.

https://www.inforisktoday.co.uk/meris-how-to-stop-most-powerful-botnet-on-record-a-17574

IG Report on Dams Urges Agency to Make Several Security Improvements
CISA must update its plans to improve the security - both physical and cyber - within the nation’s critical infrastructure, according to a report that specifically looked at issues related to the country’s dams and levees. Attacks targeting critical infrastructure have raised the issue.

https://www.inforisktoday.co.uk/cisa-must-update-critical-infrastructure-protection-plans-a-17575

Experts Discuss Challenges, Solutions for Bounty Hunters
While there is no dearth of talent among Indian bug bounty hunters, hurdles such as lack of trust, payment disputes, cost, unethical practices and lack of regulatory laws deter the growth of the bug bounty programs in the country, according to some experts.

https://www.inforisktoday.co.uk/no-bounty-for-bug-hunters-in-india-a-17571

Scraped Whois Information Leaked by Anonymous in Reprisal for Alt-Right Site Hosting
More than 15 million email addresses and individuals’ personal details have been leaked by Anonymous in reprisal for Texas’ new law restricting abortion. The leaked information allegedly comes from Epik, which has hosted far-right websites, including for the Republican Party of Texas.

https://www.inforisktoday.co.uk/web-hoster-epiks-breach-exposes-15-million-email-addresses-a-17572

Europol: Illegal Operation Connected to Italian Mafia
The Spanish and Italian national police agencies, in conjunction with Europol, have arrested 106 individuals who allegedly are linked to the Italian mafia on a variety of online fraud charges that authorities say earned the group at least 10 million euros ($11.7 million) in illegal profits.

https://www.inforisktoday.co.uk/spanish-italian-police-break-up-phishing-gang-a-17576

Report: Treasury Department to Announce Sanctions as Early as This Week
The Biden administration may soon unveil plans to curtail the ransomware attacks that have crippled corporate networks this year. According to a report from The Wall Street Journal, the Treasury Department will announce sanctions and similar guidance designed to disrupt the ransomware model.

https://www.inforisktoday.co.uk/us-to-unveil-sanctions-on-use-cryptocurrency-for-ransoms-a-17567

Matthew Gatrel Offered Subscription-Based Computer Attack Platforms
An Illinois man has been found guilty of running subscription-based distributed denial of service attacks that enabled customers to launch DDoS strikes of their own. He is now facing a statutory maximum sentence of 35 years in federal prison when sentenced in January 2022.

https://www.inforisktoday.co.uk/illinois-man-convicted-running-ddos-facilitation-websites-a-17568

Researchers Say OMIGOD Vulnerability Can Give Attackers Root Privileges
The Mirai botnet is actively exploiting the known vulnerability CVE-2021-38647, which is part of a quarter of vulnerabilities dubbed OMIGOD, in Microsoft’s Azure Linux Open Management Infrastructure framework, according to Kevin Beaumont, head of the security operations center for Arcadia Group.

https://www.inforisktoday.co.uk/mirai-botnet-actively-exploiting-omigod-flaw-a-17566

20th ‘Right of Access’ Settlement, But When Will a New Director Be Named?
While the wait continues for the Biden administration to name a new leader for the Department of Health and Human Services’ Office for Civil Rights, the HIPAA enforcement agency recently issued its 20th settlement to date in a case involving a patient “right of access” dispute.

https://www.inforisktoday.co.uk/hhs-ocrs-latest-hipaa-enforcement-action-a-17563

Researchers: Attacker Sold Pilfered Airline Data on the Darknet
Cisco Talos researchers have connected a previously discovered series of aviation industry attacks stretching back more than three years to a Nigeria-based attacker. The attacker sold the stolen information on the darknet, the researchers say.

https://www.inforisktoday.co.uk/nigerian-hacker-connected-to-aviation-industry-attacks-a-17564

Man Allegedly Recruited, Trained AT&T Employees to Act as Hackers
A dual citizen of Pakistan and Grenada has been sentenced to 12 years in prison for orchestrating a seven-year scheme that unlawfully unlocked nearly 2 million AT&T smartphones, which the carrier says amounted to $200 million in subscriber losses, according to the U.S. DOJ.

https://www.inforisktoday.co.uk/fraudster-gets-12-year-sentence-for-att-unlocking-scheme-a-17565

FBI, CISA, Coast Guard Release Joint Warning and Urge Customers to Patch
CISA, the FBI and the U.S. Coast Guard Cyber Command warn users of Zoho Corp.'s single sign-on and password management tool to patch for a vulnerability that nation-state groups may look to exploit. Attackers could use the bug to compromise credentials and exfiltrate data from Active Directory.

https://www.inforisktoday.co.uk/us-warns-nation-state-groups-may-exploit-flaw-in-zoho-tool-a-17562

Many Files Crypto-Locked Before July 13 Unlockable via Free Bitdefender Decryptor
Score one for the good guys in the fight against ransomware: Anyone who fell victim to REvil, aka Sodinokibi, crypto-locking malware before July 13 can now decrypt at least some of their files for free, thanks to a decryptor released by security firm Bitdefender.

https://www.inforisktoday.co.uk/good-news-revil-ransomware-victims-get-free-decryptor-a-17560

Breach Notification Report Reveals Some PII Could Have Been Exposed
The Republican Governors Association was one of several U.S. organizations targeted in March when a nation-state group took advantage of vulnerabilities in Microsoft Exchange email servers, according to a breach notification letter filed with Maine authorities. It appears some PII was exposed.

https://www.inforisktoday.co.uk/republican-governors-association-targeted-in-exchange-attacks-a-17554