UN Aviation Agency Breached: 42,000 Individuals Affected
UN Aviation Agency Breached: 42,000 Individuals Affected
On January 10, 2025, the International Civil Aviation Organization (ICAO) disclosed a significant breach of its recruitment database, impacting approximately 42,000 individuals. The data exposed in this incident includes personal information such as names and contact details, while sensitive operational data remains secure. The breach has been linked to a group known as "Natohub," which has published the leaked records on a hacking forum. This incident underscores the vulnerabilities present within governmental and international organizations, as well as the potential risks to individuals whose personal data has been compromised. Security teams should prioritize monitoring for unauthorized access and potential misuse of the exposed data to mitigate risks. Source
Also In Security Today
- Phishing Campaign Targets Developers: A new phishing campaign has emerged, targeting developers with fraudulent job offers purportedly from CrowdStrike. Victims are led to download malware disguised as an employee CRM application, which secretly installs cryptocurrency miners. Source
- Critical Vulnerabilities Flagged by CISA: The Cybersecurity and Infrastructure Security Agency has identified critical vulnerabilities in systems from Mitel and Oracle, with signs of active exploitation. Organizations are urged to apply patches immediately. Source
- New CVEs Reported: Notable vulnerabilities include CVE-2025-21307, a remote code execution flaw in Windows Reliable Multicast Transport Driver, and CVE-2025-21298, which allows remote code execution via a malicious email preview. Immediate patching is advised. Source
- Healthcare Sector Under Cyber Threat: The healthcare sector continues to experience heightened cyber threats, emphasizing the urgent need for improved cybersecurity measures across various organizations to safeguard sensitive data. Source