Barnes & Noble data breach – KNOW Your Global Threat Landscape

KNOW why this billion dollar company had to abruptly stop its services

Post by Rajarshi Mitra In Security on Oct 16, 2020

KNOW is Netenrich’s news-aggregating platform that collates the hottest news from the global threat landscape. Today, we wanted to check out the hottest stories in the “Vulnerability” section.

 


In this section, the hottest story is that the American bookstore chain ‘Barnes & Noble’ has suffered a significant cyberattack. Let’s look into the story and see what’s going on.

 

Barnes & Noble data breach


As per a Bleeping Computer report, Barnes & Noble customers have been complaining about service outages on social media. Users have complained that the company’s Nook libraries were inaccessible, and their previous purchases have vanished from the interface. The company sent emails to their customers, acknowledging the interruption and assuring them that a restoration process is underway.

 


Rampant Speculations


Obviously, this has fueled speculation about what is actually happening behind the scenes. Barnes & Noble has since come out and admitted that they had been victims of a malicious attack leading to “unauthorized and unlawful access to certain Barnes & Noble corporate systems.”

The following data has been exposed during the breach – customer email addresses, billing and shipping addresses, telephone numbers, and transaction histories.

Reaction from Twitter

@mobios

Just notified by #BarnesandNoble that their customer data was compromised

@CBSNewYork

CONSUMER ALERT: Barnes and Noble says it suffered a massive cyber security attack that exposed customer information.

@DarkReading

Barnes & Noble Warns Customers About Data Breach

What’s happening behind the scenes?


Bleeping Computer reported that Barnes & Noble’s VPN servers were previously vulnerable to CVE-2019-11510. This was something detected by KNOW as well, which you can see in the story card here:

 


What is CVE-2019-11510?


CVE-2019-11510 affects Pulse Secure Pulse Connect Secure (PCS) 8.2 before 8.2R12.1, 8.3 before 8.3R7.1, and 9.0 before 9.0R3.4. By exploiting this vulnerability, an unauthenticated, remote attacker can send a specially crafted URI to read arbitrary files.
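To check an appliance inventory against the version ranges quoted above, the following added example (not from the original post or from Netenrich) classifies PCS version strings per branch. It assumes versions are reported in the `9.0R3.4` form used in the description; the hostnames and inventory are constructed, and branches the description does not name are reported as `not-listed` rather than guessed.

```python
import re

# Fixed release per branch, taken from the CVE description quoted above.
FIXED = {(8, 2): (12, 1), (8, 3): (7, 1), (9, 0): (3, 4)}

# Assumed format: <major>.<minor>R<release>[.<patch>], e.g. "9.0R3.4"
_VERSION = re.compile(r"^(\d+)\.(\d+)R(\d+)(?:\.(\d+))?$", re.IGNORECASE)


def parse_pcs_version(text):
    """Split '9.0R3.4' into ((9, 0), (3, 4)); a missing patch level counts as 0."""
    m = _VERSION.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised PCS version string: {text!r}")
    major, minor, release, patch = m.groups()
    return (int(major), int(minor)), (int(release), int(patch or 0))


def classify(version):
    """Return 'vulnerable', 'fixed' or 'not-listed' for one version string."""
    branch, release = parse_pcs_version(version)
    fixed = FIXED.get(branch)
    if fixed is None:
        return "not-listed"  # branch is not named in the description
    # Numeric tuple comparison, so 9.0R10 correctly sorts after 9.0R3.4.
    return "vulnerable" if release < fixed else "fixed"


def triage(inventory):
    """Map each host in {host: version} to its classification."""
    results = {}
    for host, version in inventory.items():
        try:
            results[host] = classify(version)
        except ValueError:
            results[host] = "unparseable"  # needs manual review
    return results


# Constructed sample inventory (hypothetical hosts, not real systems).
SAMPLE_INVENTORY = {
    "vpn-a.example": "8.2R12",
    "vpn-b.example": "8.3R7.1",
    "vpn-c.example": "9.0R3.3",
    "vpn-d.example": "9.0R10",
    "vpn-e.example": "unknown",
}

if __name__ == "__main__":
    for host, status in triage(SAMPLE_INVENTORY).items():
        print(f"{host:15} {SAMPLE_INVENTORY[host]:10} {status}")
```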


Context from KNOW

 

  • Vendors: Pulsesecure 
  • Products affected: Pulse Connect Secure 
  • Historically linked to threat actors: APT29 (The Dukes)
  • Historically linked to intrusion method: Arbitrary file read and arbitrary file disclosure.

What is KNOW?

KNOW is Netenrich’s Threat Intel Platform that extracts data from billions of data points and correlates relevant intel and expert analyst insights to help you follow, search, and act—in a fraction of the time it takes now.

One of KNOW’s handiest tools is the trending threats dashboard, which gives you a bird’s eye view of the most potent malware, threat actors, methods, and vulnerabilities in the following time frames:

  • Last 7 days.
  • Last 60 days.

So, want to check out KNOW some more? Why don’t you sign up to get daily threat intel updates?

Oh, and by the way, it’s completely free.


About Author

Rajarshi is a creative and accomplished writer who made his mark in the blockchain space before stepping into cybersecurity. When he is not working, he is busy chilling with his wife and cat, catching up on the latest Netflix docu-series.....or watching Harry Potter for the 5781241516th time.