Vermont-Based Orvis Leaked Internal Credentials on Pastebin

KrebsOnSecurity reported that the sporting goods retail chain Orvis leaked a large number of internal credentials on Pastebin. The information remained on the site for a few weeks during the month of October before Orvis was notified by Hold Security about the file. Alex Holden, Hold Security’s founder, said that the file was posted on two separate occasions, once on October 4th and again on October 22nd. Orvis spokesperson Tucker Kimball stated, “The file contains old credentials, so many of the devices associated with the credentials are decommissioned and we took steps to address the remaining ones. We are leveraging our existing security tools to conduct an investigation to determine how this occurred.” Contained in the file were usernames and passwords in plaintext that Orvis has used for different services or security products.

Analyst Notes

Binary Defense’s Counterintelligence team offers a comprehensive @ domain monitoring service that lets our analysts know if a domain has been included in a breach or, as in this instance, posted to Pastebin, and what information is included in the paste. A service like this gives companies peace of mind, knowing that any time their information is posted publicly, it will be quickly detected and reported to the client for remediation.