CyberSecurityBoard
Sponsor Register Login

Regional airline envoy Oracle hacked, data leaked

The article reports a significant cybersecurity incident involving the hacking of Oracle, a regional airline envoy, leading to a data breach. This breach exposed sensitive information, highlighting the vulnerabilities in airline and aviation sector cybersecurity. The attack underscores the increasing threat landscape targeting critical infrastructure and transportation industries. It emphasizes the need for enhanced security measures, continuous monitoring, and robust incident response strategies to protect against such cyber threats. The article also discusses the implications of the breach for affected customers and the broader impact on the airline's reputation and operational integrity. Cybersecurity experts recommend immediate action to mitigate risks and prevent future attacks, including patch management, employee training, and investment in advanced security technologies. This incident serves as a critical reminder of the evolving tactics used by cybercriminals and the importance of proactive defense mechanisms in safeguarding sensitive data within the aviation sector.

This Cyber News was published on therecord.media. Publication date: Fri, 17 Oct 2025 15:00:21 +0000


Cyber News related to Regional airline envoy Oracle hacked, data leaked

Regional Family Medicine Confirms Data Breach Resulting from Recent IT Outage - On December 12, 2023, Regional Family Medicine filed a notice of data breach with the Attorney General of Maine after discovering that what initially appeared to be an IT outage was really a cyberattack. In this notice, Regional Family explains that ...
2 years ago Jdsupra.com
How to perform a proof of concept for automated discovery using Amazon Macie | AWS Security Blog - After reviewing the managed data identifiers provided by Macie and creating the custom data identifiers needed for your POC, it’s time to stage data sets that will help demonstrate the capabilities of these identifiers and better understand how ...
1 year ago Aws.amazon.com
Regional airline envoy Oracle hacked, data leaked - The article reports a significant cybersecurity incident involving the hacking of Oracle, a regional airline envoy, leading to a data breach. This breach exposed sensitive information, highlighting the vulnerabilities in airline and aviation sector ...
2 months ago Therecord.media
Mt. Graham Regional Medical Center Recovers from Ransomware Attack but Confirms Data Breach - On September 29, 2023, Mount Graham Regional Medical Center filed a notice of data breach with the U.S. Department of Health and Human Services Office for Civil Rights after confirming a recent ransomware attack. In this notice, MGRMC explains that ...
2 years ago Jdsupra.com
CVE-2020-15127 - In Contour ( Ingress controller for Kubernetes) before version 1.7.0, a bad actor can shut down all instances of Envoy, essentially killing the entire ingress data plane. GET requests to /shutdown on port 8090 of the Envoy pod initiate Envoy's ...
5 years ago
CVE-2021-32779 - Envoy is an open source L7 proxy and communication bus designed for large modern service oriented architectures. In affected versions envoy incorrectly handled a URI '#fragment' element as part of the path element. Envoy is configured with an ...
3 years ago
CVE-2021-32783 - Contour is a Kubernetes ingress controller using Envoy proxy. In Contour before version 1.17.1 a specially crafted ExternalName type Service may be used to access Envoy's admin interface, which Contour normally prevents from access outside the ...
4 years ago
CVE-2016-0635 - Unspecified vulnerability in the Enterprise Manager Ops Center component in Oracle Enterprise Manager Grid Control 12.1.4, 12.2.2, and 12.3.2; the Oracle Health Sciences Information Manager component in Oracle Health Sciences Applications 1.2.8.3, ...
6 years ago
American Airlines subsidiary Envoy confirms Oracle data theft attack - American Airlines subsidiary Envoy Airlines has confirmed a data breach involving Oracle, where attackers stole sensitive information. The incident highlights the growing threat of cyberattacks targeting airline subsidiaries and their critical data ...
2 months ago Bleepingcomputer.com
CVE-2024-45806 - Envoy is a cloud-native high-performance edge/middle/service proxy. A security vulnerability in Envoy allows external clients to manipulate Envoy headers, potentially leading to unauthorized access or other malicious actions within the mesh. This ...
1 year ago
Hawaiian Airlines discloses cyberattack, flights not affected - Hawaiian Airlines also hired external cybersecurity experts to asses the attack's impact and help restore affected systems. The airline stated in a statement issued on Thursday morning that the incident didn't affect flight safety and has already ...
6 months ago Bleepingcomputer.com
US SEC's X account hacked to announce fake Bitcoin ETF approval - The X account for the U.S. Securities and Exchange Commission was hacked today to issue a fake announcement on the approval of Bitcoin ETFs on security exchanges. The announcement came this afternoon in a now-deleted tweet from the SEC's hacked X ...
2 years ago Bleepingcomputer.com
Oracle says "obsolete servers" hacked, denies cloud breach - BleepingComputer has also separately confirmed with multiple Oracle customers that samples of the leaked data (including associated LDAP display names, email addresses, given names, and other identifying information) received from the threat actor ...
9 months ago Bleepingcomputer.com
Alleged ShinyHunters Hacker Pleads Not Guilty After US Extradition - The ShinyHunters group is known for some of the largest data breaches in 2021-2022, in which the personal data of hundreds of millions of users was leaked on the now-seized Raidforums. In July 2022, HackRead.com reported on Sebastian Raoult, an ...
2 years ago Hackread.com Hunters
CVE-2025-64763 - Envoy is a high-performance edge/middle/service proxy. In 1.33.12, 1.34.10, 1.35.6, 1.36.2, and earlier, when Envoy is configured in TCP proxy mode to handle CONNECT requests, it accepts client data before issuing a 2xx response and forwards that ...
1 month ago
Credentials are Still King: Leaked Credentials, Data Breaches and Dark Web Markets - Infostealers infect computers, steal all of the credentials saved in the browser along with active session cookies and other data, then export it back to command and control infrastructure before, in some cases, self-terminating. This article will ...
1 year ago Bleepingcomputer.com
CVE-2025-24030 - Envoy Gateway is an open source project for managing Envoy Proxy as a standalone or Kubernetes-based application gateway. A user with access to the Kubernetes cluster can use a path traversal attack to execute Envoy Admin interface commands on ...
11 months ago Tenable.com
Oracle privately confirms Cloud breach to customers - This comes after a threat actor (known as rose87168) put up for sale 6 million data records on BreachForums on March 20 and released multiple text files containing a sample database, LDAP information, and a list of the companies as proof that the ...
9 months ago Bleepingcomputer.com
Oracle privately confirms Cloud breach to customers - This comes after a threat actor (known as rose87168) put up for sale 6 million data records on BreachForums on March 20 and released multiple text files containing a sample database, LDAP information, and a list of the companies as proof that the ...
9 months ago Bleepingcomputer.com
CVE-2022-29224 - Envoy is a cloud-native high-performance proxy. Versions of envoy prior to 1.22.1 are subject to a segmentation fault in the GrpcHealthCheckerImpl. Envoy can perform various types of upstream health checking. One of them uses gRPC. Envoy also has a ...
2 years ago
70 million account credentials were leaked in a massive password dump - A security researcher has unearthed what appears to be one of the biggest password dumps ever. Over 70 million unique credentials have been leaked on the dark web. ADVERTISEMENT. The news came to light when Troy Hunt, the owner of the popular breach ...
1 year ago Ghacks.net
SEC confirms X account was hacked in SIM swapping attack - The U.S. Securities and Exchange Commission confirmed today that its X account was hacked through a SIM-swapping attack on the cell phone number associated with the account. Earlier this month, the SEC's X account was hacked to issue a fake ...
1 year ago Bleepingcomputer.com
Oracle’s First Security Update for 2023 Includes 327 New Patches - Oracle has released its first security update of 2023, delivering 327 new security fixes and patching a range of critical vulnerabilities. This update covers products spanning across Oracle’s Cloud portfolio, Fusion Middleware, Hyperion, E-Business ...
2 years ago Securityweek.com
CVE-2023-27488 - Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.26.0, 1.25.3, 1.24.4, 1.23.6, and 1.22.9, escalation of privileges is possible when `failure_mode_allow: true` is configured for `ext_authz` ...
2 years ago
Yandex Source Code Online Leaked, Company Denies Hack - According to analysis from different sources, Yandex source code does not contain user data, but it does contain over 1,900 factors for ranking search results and more. The source code repository of the Yandex search engine and technology giant was ...
2 years ago Hackread.com

Latest Cyber News


    Cyber Trends (last 7 days)


    Trending Cyber News (last 7 days)