A record $65 million settlement was reached for a Pennsylvania healthcare company's medical record hack, which affected hundreds of patients and employees. The case involved about 135,000 patients and employees of the Pennsylvania-based independent healthcare network Lehigh Valley Health Network (LVHN). LVHN's data breach exposed 600 patients' and employees' medical records and Personally Identifiable Information (PII). The exposed data included addresses, email addresses, birthdates, Social Security numbers, passport information, medical data, and nude patient photos.

Aqua Security's Nautilus research team warns that "Hadooken" Linux malware has been targeting Oracle WebLogic servers to launch additional malware and steal credentials for lateral movement. The malware is used in attacks that exploit weak passwords for initial access. After compromising a WebLogic server, the attackers downloaded shell and Python scripts to fetch and run the malware. This article continues to discuss findings regarding the Hadooken malware targeting Oracle WebLogic applications and its link to multiple ransomware families.

The "RansomHub" ransomware gang is threatening to leak data allegedly stolen from Kawasaki Motors Europe (KME). The company has announced it is recovering from the cyberattack that disrupted service. The company is investigating and cleaning any suspicious material on its systems after the attack on its EU headquarters. KME is a subsidiary of Kawasaki Heavy Industries, a global Japanese company that makes motorcycles, utility vehicles, and other motorized products.

The Science of Security (SoS) Virtual Institutes (VIs) held their Mid-Year meeting at the International Computer Science Institute (ICSI) on July 9-10, 2024. This was the second meeting of the VIs since they were formed in late 2023.  The meeting was attended by Principal Investigators (PIs) and/or Co-PIs from all seven VI universities who briefed the status of the eleven VI projects.

According to the FBI and CISA, malicious actors are spreading false claims that US voter registration databases have been breached.  The agencies said that the claims are designed to manipulate public opinion and undermine confidence in US democratic institutions in the run up to the US Presidential Elections in November.  The malicious actors are using obtained voter registration information as evidence to support their claims that a cyber operation compromised election infrastructure.

Threat actors have been infecting Internet-exposed Selenium Grid servers to use victims' Internet bandwidth for cryptomining, proxyjacking, and more. Wiz reports that 30 percent of cloud environments use Selenium, an open source suite of tools for browser automation. Millions of developers and thousands of organizations use Selenium Grid, an open source tool for automatically testing web applications across multiple platforms and browsers in parallel. Some hackers have launched automated malware to hijack Selenium Grid servers for malicious purposes.