In this section, the hottest story happens to be about the American bookstore chain ‘Barnes & Noble’ has suffered a significant cyberattack. Let’s look into the story and see what’s going on.
Barnes & Noble data breach
As per a Bleeping Computer report, Barnes & Noble customers have been complaining about service outages on social media. Users have complained that the company’s Nook libraries were inaccessible, and their previous purchases have vanished from the interface. The company sent emails to their customers, acknowledging the interruption and assuring them that a restoration process is underway.
Obviously, this has fueled speculations as to what is actually happening behind the scenes. Barnes & Noble has since finally come out and admitted that they had been victims of a malicious attack leading to “unauthorized and unlawful access to certain Barnes & Noble corporate systems.”
The following data has been exposed during the breach – customer email addresses, billing and shipping addresses, telephone numbers, and transaction histories.
Reaction from Twitter
Just notified by #BarnesandNoble that their customer data was compromised
CONSUMER ALERT: Barnes and Noble says it suffered a massive cyber security attack that exposed customer information.
Barnes & Noble Warns Customers About Data Breach
What’s happening behind the scenes?
Bleeding Computer reported that Barnes & Noble’s VPN servers have been previously vulnerable to CVE-2019-11510. This was something detected by KNOW as well, which you can see in the story card here:
What is CVE-2019-11510?
By exploiting this vulnerability in Pulse Secure Pulse Connect Secure (PCS) 8.2 before 8.2R12.1, 8.3 before 8.3R7.1, and 9.0 before 9.0R3.4, an unauthenticated, remote attacker can send a specially crafted URI to perform an arbitrary file reading vulnerability.
Context from KNOW
- Vendors: Pulsesecure
- Products affected: Pulse Connect Secure
- Historically linked to threat actors: APT29 The Dukes
- Historically linked to intrusion method: Arbitrary file read and arbitrary file disclosure.
What is KNOW?
KNOW is Netenrich’s Threat Intel Platform that extracts data from billions of data points and correlates relevant intel and expert analyst insights to help you follow, search, and act—in a fraction of the time it takes now.
One of KNOW’s handiest tools is the trending threats dashboard, which gives you a bird’s eye view of the most potent malware, threat actors, methods, and vulnerabilities in the following time frames:
- Last 7 days.
- Last 60 days.
So, want to check out KNOW some more? Why don’t you sign up to get daily threat intel updates?
Oh, and by the way, it’s completely free.