Air Serbia, the country's flag carrier, has been continuously combating a cyberattack that has been ongoing for more than a week, The Register reports.
The intrusion has led to the deferral of last month's payslips, according to an internal memo from Air Serbia, which previously urged managers to establish a work plan considering potential disruptions stemming from the attack that was first disclosed to employees on July 4. Two days after conducting a staff-wide password reset and security scanning software on July 7, Air Serbia implemented a second wave of password resets before issuing a third on July 11. Further information regarding the breach was not given. However, Air Serbia was noted by a source close to the matter to have been remediating the compromise of its Active Directory amid struggles to expunge attackers from its network. Threat actors have been looking to infiltrate Air Serbia's endpoints since early 2024, said the source.
The intrusion has led to the deferral of last month's payslips, according to an internal memo from Air Serbia, which previously urged managers to establish a work plan considering potential disruptions stemming from the attack that was first disclosed to employees on July 4. Two days after conducting a staff-wide password reset and security scanning software on July 7, Air Serbia implemented a second wave of password resets before issuing a third on July 11. Further information regarding the breach was not given. However, Air Serbia was noted by a source close to the matter to have been remediating the compromise of its Active Directory amid struggles to expunge attackers from its network. Threat actors have been looking to infiltrate Air Serbia's endpoints since early 2024, said the source.
