The Breach Report: My Top Picks From Christmas, January 12, 2025
In the latest cybersecurity incidents, various platforms faced significant breaches and hacks, including Litecoin and Foresight Ventures on Twitter, a vulnerability in Ivanti’s products, and a cyberattack on Russia’s oil sector by Ukraine. Additionally, Japan Airlines experienced flight disruptions due to a cyberattack, while the International Civil Aviation Organization revealed a massive data breach. Other incidents involved Cyberhaven and Medusind, affecting numerous individuals.

Affected: Litecoin, Foresight Ventures, Ivanti, Ukraine, Japan Airlines, ICAO, Cyberhaven, Medusind

Key points:

  • Litecoin and Foresight Ventures had their Twitter accounts hacked, promoting fake tokens.
  • A critical vulnerability in Ivanti’s products was exploited by the threat actor UNC5321, allowing arbitrary command execution.
  • Ukraine’s intelligence agency targeted Russia’s oil sector, compromising Lukoil’s digital resources.
  • Japan Airlines faced a cyberattack causing flight delays and cancellations, suspected to be a DDoS attack.
  • ICAO reported a data breach exposing over 42,000 recruitment applications.
  • Cyberhaven’s Chrome extension was compromised, leading to a malicious version release.
  • Medusind reported a data breach affecting over 360,934 individuals in Florida and Maine.
  • Pittsburgh Regional Transit Services experienced a ransomware attack disrupting operations.
  • PowerSchool faced a breach affecting sensitive data of over 60 million students and 18,000 customers.
  • Green Bay Packers’ online store breach exposed credit card data of 8,514 fans.

MITRE Techniques:

  • TA0001 – Initial Access: Exploitation of Ivanti’s vulnerability (CVE-2025-0283) to gain access.
  • TA0040 – Impact: Ukraine’s cyberattack on Russia’s oil sector, targeting Lukoil’s infrastructure.
  • TA0007 – Discovery: Cyberhaven’s phishing attack leading to the compromise of their Chrome extension.
  • TA0043 – Exfiltration: Data breach at ICAO involving the exposure of recruitment application records.
  • TA0042 – Resource Development: Medusind’s data breach affecting healthcare records.

Full Research: https://medium.com/@soumitsr/the-breach-report-my-top-picks-from-xmas-jan-12-2025-fd64f4c40ff2?source=rss——cybersecurity-5