Adobe blows it. A treasure trove of customer information and source code has been found, we’ll share the details.
The DNS hijacking hijinks continue, after several big sites are brought offline. Then its a huge batch of your questions, our answers, and much much more!
Thanks to:
Direct Download:HD Video | Mobile Video | MP3 Audio | Ogg Audio | YouTube | HD Torrent | Mobile Torrent RSS Feeds:HD Video Feed | Mobile Video Feed | MP3 Audio Feed | Ogg Audio Feed | iTunes Feeds | Torrent Feed |
Adobe hacked, 3 million customer records leaked
- Adobe’s servers was compromised sometime between July 31 and Aug. 15, but the attack was not discovered until Sept. 17
- The source code for “numerous” products was stolen, including Adobe Acrobat, Publisher, ColdFusion, and ColdFusion Builder
- The source code leak could allow the attackers to much more easily generate a slew of 0-day attacks against Adobe products, resulting in exploits against which there is no defense
- Sensitive information on people with Adobe accounts was also taken, including names, encrypted credit numbers, expiration dates, order history and more
- “At this time, we do not believe the attackers removed decrypted credit or debit card numbers from our systems” said Adobe chief security officer Brad Arkin
- “Krebs also saw a list of 1.2 million potential .org domains running ColdFusion that the attackers could use as targets stored among the stolen data”
- “Holden and Krebs discovered a 40 GB file of stolen data, Krebs reported yesterday, on the same server hosting data stolen from brokers LexisNexis, Dun & Bradstreet and Kroll.”
- Additional companies were also compromised
- Additional Coverage – Threatpost
- Additional Coverage – ZDNet
- Adobe Blog – Illegal Access to Adobe Source Code
- Adobe – Important Customer Security Announcement
- Adobe – Customer Security Alert
WhatsApp, AVG, Avira, Alexa websites hacked in apparent DNS hijack
- Network Solutions is investigating an attack by a pro-Palestinian hacking group that redirected websites belonging to several companies.
- A group calling itself the KDMS Team claimed responsibility on Twitter.
- KDMS posted several screenshots on Twitter, including one that affected WhatsApp\’s domain. + The message asserted that the region known as Palestine has been stolen, and that prisoners should be released from Israeli jails.
- The websites affected included those of the security companies AVG and Avira; the messaging platform WhatsApp; a pornography site, RedTube; and Web metrics company Alexa.
- Stated on the company’s blog:
> \”It appears that our account used to manage the DNS records registered at Network Solutions has received a fake password-reset request which was honored by the provider.\”
> \”Using the new credentials, the cybercriminals have been able to change the entries to point to their DNS servers.\” - Additional Coverage:
Feedback:
[asa]0399160450[/asa]
Round Up:
- NSA tracks Google ads to find Tor users
- Patch Tuesday two-for-one sale. Microsoft fixes 2nd unannounced 0-day exploit in IE being exploited in the wild
- Malware authors scramble to become the next exploit kit after Blackhole author arrested
- Reclaim disk space, Microsoft finally releases a tool to remove unneeded windows update backup files
- Why attacks on the internet need to be public
- Google adds rewards for improving security in critical infrastructure open source projects including OpenSSH, Bind and ISC DHCP
- What pentesters can learn from spammers
- Most popular BSDCan talk ever – 2010 Everything you need to know about cryptography in 1 hour
- Police demand ability to arbitrarily take down and redirect domain names
- Great lightning talk from DestroyAllSoftware, “WAT”
- Gameover trojan using SSL to encrypt command and control functions
- Bulletproof hoster Santrex shutdown