At least three password resets have taken place this month.
Air Serbia, the country's flag carrier, has been continuously combating a cyber-attack that has been ongoing for more than a week.
According to The Register, the intrusion has led to the deferral of last month's payslips, according to an internal memo from Air Serbia, which previously urged managers to establish a work plan considering potential disruptions stemming from the attack that was first disclosed to employees on July 4th.
A staff-wide password reset and security scanning software was conducted on July 7th, and Air Serbia implemented a second wave of password resets before issuing a third reset on July 11th. Further information regarding the breach was not given.
Air Serbia was noted by a source close to the matter to have been remediating the compromise of its Active Directory amid struggles to expunge attackers from its network. Threat actors have been looking to infiltrate Air Serbia's endpoints since early 2024, said the source.
Written by
Dan Raywood is a B2B journalist with 25 years of experience, including covering cybersecurity for the past 17 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.
He has spoken at events including 44CON, Infosecurity Europe, RANT Forum, BSides Scotland, Steelcon and the National Cyber Security Show, and served as editor of SC Media UK, Infosecurity Magazine and IT Security Guru. He was also an analyst with 451 Research and a product marketing lead at Tenable.
