• About
  • Advertise
  • Careers
  • Contact
Monday, February 6, 2023
No Result
View All Result
NEWSLETTER
Cyber360 News
  • Home
  • Security
  • Data Breach
  • Cyber Attacks
  • Cyber Security
  • Cyber Crime
  • Contact Us
  • Home
  • Security
  • Data Breach
  • Cyber Attacks
  • Cyber Security
  • Cyber Crime
  • Contact Us
No Result
View All Result
Cyber360 News
No Result
View All Result
Home Data Breach

San Francisco airport websites hacked to swipe personal device credentials

by Cyber360 News
April 12, 2020
in Data Breach
0
San Francisco airport websites hacked to swipe personal device credentials
0
SHARES
1
VIEWS
Share on FacebookShare on Twitter

Two websites affiliated with San Francisco International Airport (SFO) were compromised with code last March, allowing attackers to steal device login credentials from users who visited these sites, airport officials have disclosed.

The breach affected the websites SFOConnect.com, which appears to deliver informational content to the SFO workforce, and SFOConstruction.com, which includes details on airport construction projects, bids and contracts.

In an online notification posted this week, SFO says the incident may have affected individuals who specifically accessed the two websites using an Internet Explorer browser installed on either a personal Windows device or a device not maintained by SFO.

A more typical scenario when a website breach like this occurs would be for the malicious code to steal web account credentials when registered users log in to the affected site.

But instead, the breach notification says that the attackers stole device credentials, not website credentials: “At this time, it appears the attackers may have accessed the impacted users’ usernames and passwords used to log on to those personal devices [that accessed the compromised websites.]

SC Media contacted SFO to confirm if it was actually device credentials and not website credentials that were stolen. Strategic Communication Advisor Francis Tsang replied, “Our statement is accurate.”

The notification also says that the malware was removed and both sites were taken offline after the breach was discovered. SFOConnect.com appears to up and running again today, offering its visitors COVID-19 support resources. SFOConstruction.com is still under maintenance.

SFO also says that on March 23 it forced a reset for any SFO-related email and network passwords, presumably in case any victims use the same stolen credentials for email and network connectivity as well.

Colin Bastable, CEO Lucy Security, told SC Media that while recently surveilling the dark web he found “around 8,000 compromised credentials from late February featuring a couple of flysfo.com email addresses. Perhaps one of these opened the door, allowing the malicious code to be dropped in the SFO websites.”

SC Media asked Bastable to speculate how the attackers might have been able to steal user device credentials when they visited the compromised site — a scenario that he thought was “unlikely” before SFO ultimately went on to confirm it. He theorized that the attack code could have generated a form field specifically asking site visitors to enter their device credentials. Alternatively, perhaps the malware embedded into the websites was able to load additional code onto the devices themselves, he added.

Cyber360 News

Cyber360 News

Next Post
Thousands Zoom credentials available on a Dark Web forum

Thousands Zoom credentials available on a Dark Web forum

Recent Posts

Twitch’s Entire Critical Data Leaked, Includes Streamer Earnings, Source Code

Twitch’s Entire Critical Data Leaked, Includes Streamer Earnings, Source Code

October 6, 2021
Former U.S. Security Firm Helped The UAE Carry Out “Karma” iMessage Hack: MIT Tech Review

Former U.S. Security Firm Helped The UAE Carry Out “Karma” iMessage Hack: MIT Tech Review

October 1, 2021
Facing “This App Has Been Blocked For Your Protection” Issue? Here’s How You Can Fix It

Facing “This App Has Been Blocked For Your Protection” Issue? Here’s How You Can Fix It

October 1, 2021

Whats New in Kali Linux?

September 14, 2021

Kali Linux 2019.3 Release (CloudFlare, Kali-status, metapackages, Helper-Scripts & LXD)

September 14, 2021

Kali Linux 2021.3 Release (OpenSSL, Kali-Tools, Kali Live VM Support, Kali NetHunter Smartwatch)

September 14, 2021

Kali Linux 2018.4 Release

September 14, 2021

Kali Linux 1.0.5 and Software Defined Radio

September 14, 2021

Kali Tools Website Launched, 1.0.9 Release

September 14, 2021

Kali Linux Dojo at Black Hat Vegas 2016

September 14, 2021

Category

Site Links

  • Log in
  • Entries feed
  • Comments feed
  • WordPress.org

About Us

We bring you the best Premium WordPress Themes that perfect for news, magazine, personal blog, etc. Check our landing page for details.

© 2019 Cyber360 News - Powered by WebSensePro

No Result
View All Result
  • Home
  • Security
  • Data Breach
  • Cyber Attacks
  • Cyber Security
  • Cyber Crime
  • Contact Us

© 2019 Cyber360 News - Powered by WebSensePro

Login to your account below

Forgotten Password?

Fill the forms bellow to register

All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In