Popular Posts

  • IT Auditing at ADM
    This past Tuesday December 3rd, 2013 we had two  guest speakers from ADM , Gary Hotwick and Wayne Sharp. Gary is a Millikin Grad who graduat...
  • Security of Picture Gesture Authentication
    When windows 8 was introduced it came with a new form of password security with the picture  gesture authentication. With time we realize...
  • Linux vulnerability
    The Linux operating system has a vulnerability within it for the past two years, it gives "untrusted" users with restricted accoun...
  • Adobe Data Breach
    Adobe systems recently confirmed that it's network was breached during an attack in which 2.9 million of their customers had their infor...
  • Database Security Vunerabilities
    There are certain common and serious database vulnerabilities that most businesses that deals with data should know of. Cyber attack has bee...
  • Linux is more Secure than Windows
    For small businesses or organizations that are lacking dedicated IT security staff using Linux can be very beneficial. There is a saying wit...
  • Internet Explorer Zero-Day
    There is a zero day flaw in Internet explorer, this impacts all versions of the browser but it seemed as though criminals are more focused ...

Monday, October 7, 2013

Adobe Data Breach

Adobe systems recently confirmed that it's network was breached during an attack in which 2.9 million of their customers had their information compromised. Information compromised includes customer names, passwords, debit and credit cards, and many more.

There was also a theft of source code for their products, Acrobat, ColdFusion Builder, and others. "CISO of Hold Security LLC as the poured over the contents of a server used by the cyber criminals recently revealed to have been behind damaging attacks on multiple data aggregators".

The Chief Security Officer Brad Arkin reported that there are no zero day exploits, so there shouldn't be any surprises but then encourages users to use just supported versions of their products. In response to the attack, the compromised password have been reset, and individuals and companies have been notified.

How did this affect businesses, well most of the big business in the world do use adobe products and what companies tend to do is that they have a common password for most of the applications they get. So what will happen is that now companies have to ensure that all those other password have been changed.

Adobe did indeed indicate that all the users whose account have been compromised have been notified to reset their passwords, there have reports of users whose old compromised password can still log into the Adobe Creative Cloud. It seems as though those systems are not connected to the reset procedure. They should just have all users reset their password entirely so that they do not forget parts of it.

http://www.securityweek.com/adobe-confirms-source-code-breach-theft-customer-data

http://www.pcworld.com/article/2052180/adobe-reports-massive-security-breach.html
Posted by at

1 comment:

  1. UnknownOctober 7, 2013 at 6:09 PM

    Looks like a lot of people wrote about this one and i feel for good reason. Not only does it show a issue with Adobe's security but it also allows other companies to be at risk also. As of now i feel as though Adobe is taking the right steps at the current moment but to much is unknown so far to see what the future holds with the source code.

    ReplyDelete

Subscribe to: Post Comments (Atom)