Barnes & Noble hit by Egregor ransomware, strange data leaked

The Egregor ransomware gang is claiming responsibility for the cyberattack on U.S. Bookstore giant Barnes & Noble on October 10th, 2020. The attackers state that they stole unencrypted files as part of the attack. Barnes & Noble is the largest brick-and-mortar bookseller in the United States, with over 600 bookstores in fifty states. The bookseller … Continue reading Barnes & Noble hit by Egregor ransomware, strange data leaked

3 Ways Data Breaches Accelerate the Fraud Supply Chain

The battle's just beginning as bad actors glean more personal information from victims and use that data to launch larger attacks. While data breaches have become a nearly daily occurrence in news headlines — most recently, Drizly and the Ritz Hotel — it's important that businesses and security professionals understand the cascading effect these incidents … Continue reading 3 Ways Data Breaches Accelerate the Fraud Supply Chain

Louis Vuitton fixes data leak and account takeover vulnerability

Louis Vuitton has quietly patched a security vulnerability on its website that allowed for user account enumeration and even allowed account takeover via password resets. Founded in 1854, Louis Vuitton is a prominent luxury French fashion brand and merchandise company with over 121,000 employees and a $15 billion annual revenue. The easily exploitable flaw resided … Continue reading Louis Vuitton fixes data leak and account takeover vulnerability

Twitter is warning devs that API keys and tokens may have leaked

Twitter is emailing developers stating that their API keys, access tokens, and access token secrets may have been exposed in a browser's cache. In an email seen by BleepingComputer, Twitter explains that a developer's browser may have cached the sensitive data when visiting certain pages on developer.twitter.com. Twitter email sent out about data leak Twitter … Continue reading Twitter is warning devs that API keys and tokens may have leaked

Report: 97% of Cybersecurity Companies Have Leaked Data on the Dark Web

97% of companies have data leaks and other security incidents exposed on the Dark Web. 631,512 verified security incidents were found with over 25% (or 160,529) of those classed as a high or critical risk level+ containing highly sensitive information such as plaintext credentials or PII, including financial or similar data. Hence, on average, there … Continue reading Report: 97% of Cybersecurity Companies Have Leaked Data on the Dark Web