Overclock.net › Forums › Industry News › Software News › [thenextweb] Adobe’s network compromised: 2.9 million customer names, encrypted credit and debit card numbers, and source code
New Posts  All Forums:Forum Nav:

[thenextweb] Adobe’s network compromised: 2.9 million customer names, encrypted credit and debit card numbers, and source code - Page 2

post #11 of 17
Yo dawg, I heard you like the cloud, so we created the creative cloud.
post #12 of 17
It´s their stranglehold of flash that bugs me , I´ve already ditched their reader in favour of Foxit, we really need more sites to start using HTML5 so we can do without this necessary evil.
SoulStorm Brew
(11 items)
 
El Niño
(11 items)
 
 
CPUMotherboardGraphicsRAM
A8 7600 GA-F2A88XN-WIFI Galax 1050ti 2 x 4g GSkill Ripjaws 2133 
Hard DriveCoolingOSMonitor
Sammy 850pro 256g + 2.5 " Toshiba 1T  Modded stock FX cooler lapped + 92mm Tacens Aur... Sony Bravia 46" 
PowerCaseMouse
420w Tacens radix IV  Silverstone grandia Loves to be touched  
CPUMotherboardGraphicsRAM
Athlon 5350 ASUS AM1I-A itx HD 8400 2 x 2gig Crucial ballistix tactical 1600 
Hard DriveCoolingOSMonitor
Sammy 830 64g + Toshiba 750g 2.5  stock + 120mm Skythe slipstream 32" LG 
KeyboardPowerCase
Tacens Levis  60w brick Akasa Crypto mini ITX 
  hide details  
Reply
SoulStorm Brew
(11 items)
 
El Niño
(11 items)
 
 
CPUMotherboardGraphicsRAM
A8 7600 GA-F2A88XN-WIFI Galax 1050ti 2 x 4g GSkill Ripjaws 2133 
Hard DriveCoolingOSMonitor
Sammy 850pro 256g + 2.5 " Toshiba 1T  Modded stock FX cooler lapped + 92mm Tacens Aur... Sony Bravia 46" 
PowerCaseMouse
420w Tacens radix IV  Silverstone grandia Loves to be touched  
CPUMotherboardGraphicsRAM
Athlon 5350 ASUS AM1I-A itx HD 8400 2 x 2gig Crucial ballistix tactical 1600 
Hard DriveCoolingOSMonitor
Sammy 830 64g + Toshiba 750g 2.5  stock + 120mm Skythe slipstream 32" LG 
KeyboardPowerCase
Tacens Levis  60w brick Akasa Crypto mini ITX 
  hide details  
Reply
post #13 of 17
Quote:
Originally Posted by Schoat333 View Post

How does Adobe get credit card numbers? Do people actually buy their software? Why when there is better software available for free?
No free software comes close. One client can cover the cost for an entire suite or a year of service with creative cloud if you know what you are doing.
post #14 of 17
Quote:
Originally Posted by ChronoBodi View Post

is this the Sony hack fiasco all over again? Except it's Adobe this time.
Sony hack fiasco was that they did not even implement security operations. They did a lot of absurdly stupid things like use the same seed for hashes and storing customer data in plain.
Quote:
Originally Posted by GrizzleBoy View Post

Imo, these "leaks" and "hacks" are simply companies ways of letting us know that they are sharing info with the NSA or something.

This kind of announcement has become faaaaaar too common in far too short a space of time.

Is there a month that goes by where X large company "leaks"/"loses" information to an anonymous entity?
You have to realize how asymmetrical Internet security is. Companies have to cover massive areas with underfunded security (since security is not a profit center). They have to defend from small groups of elite hackers. When I mean elite... I really mean 733T. How do you defend from persistent threats and zero-days? It's H-A-R-D.

Quote:
Originally Posted by JoshHunter View Post

It's encrypted. Adobe is a pretty software-savvy company, I'm sure they have used an incredibly secure hash.
Not necessarily.... if the system was set up a few years ago, they probably would have used a secure enough hash at the time. However, GPGPU hashing has been a game changer in recent years and they may not have changed their cipher or increased iterations.
Quote:
Originally Posted by Schoat333 View Post

How does Adobe get credit card numbers? Do people actually buy their software? Why when there is better software available for free?
What free software comes even ballpark close to Adobe? I mean really? The complexity of the algorithms in some of their features is pretty mindblowing (i.e. unblurring photos).
Once again...
(13 items)
 
  
CPUMotherboardGraphicsRAM
i7 920 [4.28GHz, HT] Asus P6T + Broadcom NetXtreme II VisionTek HD5850 [900/1200] + Galaxy GT240 2x4GB G.Skill Ripjaw X [1632 MHz] 
Hard DriveOSMonitorKeyboard
Intel X25-M 160GB + 3xRAID0 500GB 7200.12 Window 7 Pro 64 Acer H243H + Samsung 226BW XARMOR-U9BL  
PowerCaseMouseMouse Pad
Antec Truepower New 750W Li Lian PC-V2100 [10x120mm fans] Logitech G9 X-Trac Pro 
  hide details  
Reply
Once again...
(13 items)
 
  
CPUMotherboardGraphicsRAM
i7 920 [4.28GHz, HT] Asus P6T + Broadcom NetXtreme II VisionTek HD5850 [900/1200] + Galaxy GT240 2x4GB G.Skill Ripjaw X [1632 MHz] 
Hard DriveOSMonitorKeyboard
Intel X25-M 160GB + 3xRAID0 500GB 7200.12 Window 7 Pro 64 Acer H243H + Samsung 226BW XARMOR-U9BL  
PowerCaseMouseMouse Pad
Antec Truepower New 750W Li Lian PC-V2100 [10x120mm fans] Logitech G9 X-Trac Pro 
  hide details  
Reply
post #15 of 17
Why the hell would your source code be available over the internet... BAD BAD BAD. Lock that down. Internet facing machines should be completely isolated from developers.

Unless social engineering is at play... and a developer leaving a backdoor VPN / VNC / Remote desktop connection open.
Boat Anchor
(11 items)
 
OC'in beast
(21 items)
 
 
CPUMotherboardGraphicsRAM
AMD Threadripper 1950x Alienware Area-51 TR edition Vega Frontier (flashed to RX 64) Micron 16GB DDR4-2666 
Hard DriveOSMonitorKeyboard
WD Blue SSD Windows 10 RS3 Dell P4317Q Cooler Master QuickFire Cherry Brown 
PowerCaseMouse
Dell 1500W Alienware Area-51 Logitech MX5500 
CPUMotherboardGraphicsGraphics
AMD FX-8350 (Vishera) Gigabyte GA-990XA AMD 285X (unreleased) AMD 285X (unreleased) 
RAMHard DriveHard DriveHard Drive
Mushkin Enhanced Blackline 8GB (996679) Western Digital WD10EALS 1TB Blue Corsair Force Series GT CSSD-F180GBGT-BK 180GB Intel 530 Series SSDSC2BW240A401 240GB 
Optical DriveCoolingCoolingCooling
Sony 20X Sata DVD-RW Scythe Mugen 2 rev B (3) Scythe Slip Stream SY1225SL12H-P Antec Tri-Cool 140mm 
CoolingCoolingOSMonitor
Antec Tri-Cool 120mm Scythe Ultra Kaze DFS123812-3000 Windows 7 Pro 64bit ASUS PA248Q 24.1" IPS 
KeyboardPowerCaseMouse
Coolermaster Storm QuickFire Stealth Cherry MX ... Antec Earthwatts EA-750 Antec 300 Logitech G5 
Mouse Pad
Steel Series Starcraft 2 Marine 
  hide details  
Reply
Boat Anchor
(11 items)
 
OC'in beast
(21 items)
 
 
CPUMotherboardGraphicsRAM
AMD Threadripper 1950x Alienware Area-51 TR edition Vega Frontier (flashed to RX 64) Micron 16GB DDR4-2666 
Hard DriveOSMonitorKeyboard
WD Blue SSD Windows 10 RS3 Dell P4317Q Cooler Master QuickFire Cherry Brown 
PowerCaseMouse
Dell 1500W Alienware Area-51 Logitech MX5500 
CPUMotherboardGraphicsGraphics
AMD FX-8350 (Vishera) Gigabyte GA-990XA AMD 285X (unreleased) AMD 285X (unreleased) 
RAMHard DriveHard DriveHard Drive
Mushkin Enhanced Blackline 8GB (996679) Western Digital WD10EALS 1TB Blue Corsair Force Series GT CSSD-F180GBGT-BK 180GB Intel 530 Series SSDSC2BW240A401 240GB 
Optical DriveCoolingCoolingCooling
Sony 20X Sata DVD-RW Scythe Mugen 2 rev B (3) Scythe Slip Stream SY1225SL12H-P Antec Tri-Cool 140mm 
CoolingCoolingOSMonitor
Antec Tri-Cool 120mm Scythe Ultra Kaze DFS123812-3000 Windows 7 Pro 64bit ASUS PA248Q 24.1" IPS 
KeyboardPowerCaseMouse
Coolermaster Storm QuickFire Stealth Cherry MX ... Antec Earthwatts EA-750 Antec 300 Logitech G5 
Mouse Pad
Steel Series Starcraft 2 Marine 
  hide details  
Reply
post #16 of 17
Quote:
Originally Posted by kevinf View Post

Why the hell would your source code be available over the internet... BAD BAD BAD. Lock that down. Internet facing machines should be completely isolated from developers.

Unless social engineering is at play... and a developer leaving a backdoor VPN / VNC / Remote desktop connection open.

I assume they did segregate their networks... if not, bad!

I am guessing this is a persistent attack.... they went spear-phishing, waterholed, and/or social engineered their way to an internal desktop. From the compromised machine, they moved onto other computers and finally getting to core servers. Anything less would mean Adobe's IT infrastructure is bad....
Once again...
(13 items)
 
  
CPUMotherboardGraphicsRAM
i7 920 [4.28GHz, HT] Asus P6T + Broadcom NetXtreme II VisionTek HD5850 [900/1200] + Galaxy GT240 2x4GB G.Skill Ripjaw X [1632 MHz] 
Hard DriveOSMonitorKeyboard
Intel X25-M 160GB + 3xRAID0 500GB 7200.12 Window 7 Pro 64 Acer H243H + Samsung 226BW XARMOR-U9BL  
PowerCaseMouseMouse Pad
Antec Truepower New 750W Li Lian PC-V2100 [10x120mm fans] Logitech G9 X-Trac Pro 
  hide details  
Reply
Once again...
(13 items)
 
  
CPUMotherboardGraphicsRAM
i7 920 [4.28GHz, HT] Asus P6T + Broadcom NetXtreme II VisionTek HD5850 [900/1200] + Galaxy GT240 2x4GB G.Skill Ripjaw X [1632 MHz] 
Hard DriveOSMonitorKeyboard
Intel X25-M 160GB + 3xRAID0 500GB 7200.12 Window 7 Pro 64 Acer H243H + Samsung 226BW XARMOR-U9BL  
PowerCaseMouseMouse Pad
Antec Truepower New 750W Li Lian PC-V2100 [10x120mm fans] Logitech G9 X-Trac Pro 
  hide details  
Reply
post #17 of 17
Quote:
Originally Posted by DuckieHo View Post

Sony hack fiasco was that they did not even implement security operations. They did a lot of absurdly stupid things like use the same seed for hashes and storing customer data in plain.
You have to realize how asymmetrical Internet security is. Companies have to cover massive areas with underfunded security (since security is not a profit center).

What many companies fail to realize is that it may not be a profit center, it can become a MONUMENTAL loss of revenue/brand trust if they continue to underfund it. I know you know this, I'm just saying it for others.
Finally...
(20 items)
 
  
CPUMotherboardGraphicsRAM
Intel 4930k @4.4GHz ASUS Rampage IV Extreme Black Edition Nvidia GTX 1070 Founders Edition 32GB Corsair Vengeance Pro DDR3-2400 
Hard DriveHard DriveOptical DriveCooling
Samsung 850 Pro 128GB 2TB WD Black ASUS Blu-ray combo, LiteOn dvdrw MCR320 
CoolingCoolingCoolingCooling
MCR320 MCP655 Heatkiller 3.0 Nickel plated EK Multi-Option 150 Res 
OSMonitorKeyboardPower
windows 10 HP 32q Logitech G19 & Logitech G13 EVGA SuperNOVA 1300 G2 
CaseMouseMouse PadAudio
Mountain Mods U2-UFO Razer Mamba Razer Destructor Logitech G930 
  hide details  
Reply
Finally...
(20 items)
 
  
CPUMotherboardGraphicsRAM
Intel 4930k @4.4GHz ASUS Rampage IV Extreme Black Edition Nvidia GTX 1070 Founders Edition 32GB Corsair Vengeance Pro DDR3-2400 
Hard DriveHard DriveOptical DriveCooling
Samsung 850 Pro 128GB 2TB WD Black ASUS Blu-ray combo, LiteOn dvdrw MCR320 
CoolingCoolingCoolingCooling
MCR320 MCP655 Heatkiller 3.0 Nickel plated EK Multi-Option 150 Res 
OSMonitorKeyboardPower
windows 10 HP 32q Logitech G19 & Logitech G13 EVGA SuperNOVA 1300 G2 
CaseMouseMouse PadAudio
Mountain Mods U2-UFO Razer Mamba Razer Destructor Logitech G930 
  hide details  
Reply
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: Software News
  • [thenextweb] Adobe’s network compromised: 2.9 million customer names, encrypted credit and debit card numbers, and source code
Overclock.net › Forums › Industry News › Software News › [thenextweb] Adobe’s network compromised: 2.9 million customer names, encrypted credit and debit card numbers, and source code