Russian threat group suspected of hacking SFO


Russian state-sponsored threat actors are suspected to have hacked San Francisco’s airport last month.

The San Francisco International Airport (SFO) disclosed a data breach last Tuesday that affected a number of employees and third-party contractors who accessed SFOConnect.com and SFOConstruction.com in March. While SFO did not offer any insight into who hacked the websites, researchers from antimalware vendor ESET this week said the breach appeared to be the work of a Russian APT known as Dragonfly/Energetic Bear.

The attackers utilized “malicious computer code” in order to steal select users’ Windows login credentials, according to the

Read More Read More