Overclock.net › Forums › Industry News › Software News › [thenextweb] Adobe’s network compromised: 2.9 million customer names, encrypted credit and debit card numbers, and source code
New Posts  All Forums:Forum Nav:

[thenextweb] Adobe’s network compromised: 2.9 million customer names, encrypted credit and debit card numbers, and source code - Page 2

post #11 of 17
Yo dawg, I heard you like the cloud, so we created the creative cloud.
post #12 of 17
It´s their stranglehold of flash that bugs me , I´ve already ditched their reader in favour of Foxit, we really need more sites to start using HTML5 so we can do without this necessary evil.
SoulStorm Brew
(10 items)
 
El Niño
(11 items)
 
 
CPUMotherboardRAMHard Drive
A8 7600 GA-F2A88XN-WIFI 2 x 4g GSkill Ripjaws 2133 Sammy 830 128g + 2.5 " Toshiba 1T  
CoolingOSMonitorPower
Modded stock FX cooler lapped + 92mm Tacens Aur... LG Flatron E2250V  420w Tacens radix IV  
CaseMouse
Silverstone grandia Loves to be touched  
CPUMotherboardGraphicsRAM
Athlon 5350 ASUS AM1I-A itx HD 8400 2 x 2gig Crucial ballistix tactical 1600 
Hard DriveCoolingOSMonitor
Sammy 830 64g + Toshiba 750g 2.5  stock + 120mm Skythe slipstream 32" LG 
KeyboardPowerCase
Tacens Levis  60w brick Akasa Crypto mini ITX 
  hide details  
Reply
SoulStorm Brew
(10 items)
 
El Niño
(11 items)
 
 
CPUMotherboardRAMHard Drive
A8 7600 GA-F2A88XN-WIFI 2 x 4g GSkill Ripjaws 2133 Sammy 830 128g + 2.5 " Toshiba 1T  
CoolingOSMonitorPower
Modded stock FX cooler lapped + 92mm Tacens Aur... LG Flatron E2250V  420w Tacens radix IV  
CaseMouse
Silverstone grandia Loves to be touched  
CPUMotherboardGraphicsRAM
Athlon 5350 ASUS AM1I-A itx HD 8400 2 x 2gig Crucial ballistix tactical 1600 
Hard DriveCoolingOSMonitor
Sammy 830 64g + Toshiba 750g 2.5  stock + 120mm Skythe slipstream 32" LG 
KeyboardPowerCase
Tacens Levis  60w brick Akasa Crypto mini ITX 
  hide details  
Reply
post #13 of 17
Quote:
Originally Posted by Schoat333 View Post

How does Adobe get credit card numbers? Do people actually buy their software? Why when there is better software available for free?
No free software comes close. One client can cover the cost for an entire suite or a year of service with creative cloud if you know what you are doing.
post #14 of 17
Quote:
Originally Posted by ChronoBodi View Post

is this the Sony hack fiasco all over again? Except it's Adobe this time.
Sony hack fiasco was that they did not even implement security operations. They did a lot of absurdly stupid things like use the same seed for hashes and storing customer data in plain.
Quote:
Originally Posted by GrizzleBoy View Post

Imo, these "leaks" and "hacks" are simply companies ways of letting us know that they are sharing info with the NSA or something.

This kind of announcement has become faaaaaar too common in far too short a space of time.

Is there a month that goes by where X large company "leaks"/"loses" information to an anonymous entity?
You have to realize how asymmetrical Internet security is. Companies have to cover massive areas with underfunded security (since security is not a profit center). They have to defend from small groups of elite hackers. When I mean elite... I really mean 733T. How do you defend from persistent threats and zero-days? It's H-A-R-D.

Quote:
Originally Posted by JoshHunter View Post

It's encrypted. Adobe is a pretty software-savvy company, I'm sure they have used an incredibly secure hash.
Not necessarily.... if the system was set up a few years ago, they probably would have used a secure enough hash at the time. However, GPGPU hashing has been a game changer in recent years and they may not have changed their cipher or increased iterations.
Quote:
Originally Posted by Schoat333 View Post

How does Adobe get credit card numbers? Do people actually buy their software? Why when there is better software available for free?
What free software comes even ballpark close to Adobe? I mean really? The complexity of the algorithms in some of their features is pretty mindblowing (i.e. unblurring photos).
Once again...
(13 items)
 
  
CPUMotherboardGraphicsRAM
i7 920 [4.28GHz, HT] Asus P6T + Broadcom NetXtreme II VisionTek HD5850 [900/1200] + Galaxy GT240 2x4GB G.Skill Ripjaw X [1632 MHz] 
Hard DriveOSMonitorKeyboard
Intel X25-M 160GB + 3xRAID0 500GB 7200.12 Window 7 Pro 64 Acer H243H + Samsung 226BW XARMOR-U9BL  
PowerCaseMouseMouse Pad
Antec Truepower New 750W Li Lian PC-V2100 [10x120mm fans] Logitech G9 X-Trac Pro 
  hide details  
Reply
Once again...
(13 items)
 
  
CPUMotherboardGraphicsRAM
i7 920 [4.28GHz, HT] Asus P6T + Broadcom NetXtreme II VisionTek HD5850 [900/1200] + Galaxy GT240 2x4GB G.Skill Ripjaw X [1632 MHz] 
Hard DriveOSMonitorKeyboard
Intel X25-M 160GB + 3xRAID0 500GB 7200.12 Window 7 Pro 64 Acer H243H + Samsung 226BW XARMOR-U9BL  
PowerCaseMouseMouse Pad
Antec Truepower New 750W Li Lian PC-V2100 [10x120mm fans] Logitech G9 X-Trac Pro 
  hide details  
Reply
post #15 of 17
Why the hell would your source code be available over the internet... BAD BAD BAD. Lock that down. Internet facing machines should be completely isolated from developers.

Unless social engineering is at play... and a developer leaving a backdoor VPN / VNC / Remote desktop connection open.
 
OC'in beast
(19 items)
 
 
CPUGraphicsRAMHard Drive
Snapdragon S4 Dual core 1500mhz Adreno 225  Samsung 2GB Dual-Channel 16GB Onboard Flash 
Hard DriveOSMonitorPower
32GB Class 6 SDXC Card Android 4.4.4 (Cyanogenmod 11M11) 4.8" AMOLED 1280x720 2100 mAh battery 
CaseOther
Otterbox Commuter Virgin Mobile 4G LTE 
CPUMotherboardGraphicsGraphics
AMD FX-8350 GIGABYTE GA-990FXA-UD3 AM3+  Radeon 7870 HD7870-DC2-2GD5-V2 Radeon 7870 HD7870-DC2-2GD5-V2 
RAMHard DriveHard DriveHard Drive
Mushkin 2 x 4GB DDR3 1600 997006 Corsair Force GT 240GB SSD Western Digital WD Black WD2002FAEX 2TB Western Digital WD Black WD2002FAEX 2TB 
CoolingOSMonitorMonitor
XSPC Raystorm 750 RX240 Windows 7 pro 64bit Dell U2312HM Dell U2312HM 
MonitorKeyboardPowerCase
Dell U2312HM OCN Ducky Mechanical Keyboard CORSAIR Professional Series HX750 Antec 1200 v3 
MouseMouse Pad
Logitech G5 Steel Series Starcraft 2 Kerigan Vs Zeratul 
  hide details  
Reply
 
OC'in beast
(19 items)
 
 
CPUGraphicsRAMHard Drive
Snapdragon S4 Dual core 1500mhz Adreno 225  Samsung 2GB Dual-Channel 16GB Onboard Flash 
Hard DriveOSMonitorPower
32GB Class 6 SDXC Card Android 4.4.4 (Cyanogenmod 11M11) 4.8" AMOLED 1280x720 2100 mAh battery 
CaseOther
Otterbox Commuter Virgin Mobile 4G LTE 
CPUMotherboardGraphicsGraphics
AMD FX-8350 GIGABYTE GA-990FXA-UD3 AM3+  Radeon 7870 HD7870-DC2-2GD5-V2 Radeon 7870 HD7870-DC2-2GD5-V2 
RAMHard DriveHard DriveHard Drive
Mushkin 2 x 4GB DDR3 1600 997006 Corsair Force GT 240GB SSD Western Digital WD Black WD2002FAEX 2TB Western Digital WD Black WD2002FAEX 2TB 
CoolingOSMonitorMonitor
XSPC Raystorm 750 RX240 Windows 7 pro 64bit Dell U2312HM Dell U2312HM 
MonitorKeyboardPowerCase
Dell U2312HM OCN Ducky Mechanical Keyboard CORSAIR Professional Series HX750 Antec 1200 v3 
MouseMouse Pad
Logitech G5 Steel Series Starcraft 2 Kerigan Vs Zeratul 
  hide details  
Reply
post #16 of 17
Quote:
Originally Posted by kevinf View Post

Why the hell would your source code be available over the internet... BAD BAD BAD. Lock that down. Internet facing machines should be completely isolated from developers.

Unless social engineering is at play... and a developer leaving a backdoor VPN / VNC / Remote desktop connection open.

I assume they did segregate their networks... if not, bad!

I am guessing this is a persistent attack.... they went spear-phishing, waterholed, and/or social engineered their way to an internal desktop. From the compromised machine, they moved onto other computers and finally getting to core servers. Anything less would mean Adobe's IT infrastructure is bad....
Once again...
(13 items)
 
  
CPUMotherboardGraphicsRAM
i7 920 [4.28GHz, HT] Asus P6T + Broadcom NetXtreme II VisionTek HD5850 [900/1200] + Galaxy GT240 2x4GB G.Skill Ripjaw X [1632 MHz] 
Hard DriveOSMonitorKeyboard
Intel X25-M 160GB + 3xRAID0 500GB 7200.12 Window 7 Pro 64 Acer H243H + Samsung 226BW XARMOR-U9BL  
PowerCaseMouseMouse Pad
Antec Truepower New 750W Li Lian PC-V2100 [10x120mm fans] Logitech G9 X-Trac Pro 
  hide details  
Reply
Once again...
(13 items)
 
  
CPUMotherboardGraphicsRAM
i7 920 [4.28GHz, HT] Asus P6T + Broadcom NetXtreme II VisionTek HD5850 [900/1200] + Galaxy GT240 2x4GB G.Skill Ripjaw X [1632 MHz] 
Hard DriveOSMonitorKeyboard
Intel X25-M 160GB + 3xRAID0 500GB 7200.12 Window 7 Pro 64 Acer H243H + Samsung 226BW XARMOR-U9BL  
PowerCaseMouseMouse Pad
Antec Truepower New 750W Li Lian PC-V2100 [10x120mm fans] Logitech G9 X-Trac Pro 
  hide details  
Reply
post #17 of 17
Quote:
Originally Posted by DuckieHo View Post

Sony hack fiasco was that they did not even implement security operations. They did a lot of absurdly stupid things like use the same seed for hashes and storing customer data in plain.
You have to realize how asymmetrical Internet security is. Companies have to cover massive areas with underfunded security (since security is not a profit center).

What many companies fail to realize is that it may not be a profit center, it can become a MONUMENTAL loss of revenue/brand trust if they continue to underfund it. I know you know this, I'm just saying it for others.
Finally...
(20 items)
 
  
CPUMotherboardGraphicsRAM
Intel 4930k asus rampage IV extreme black edition Nvidia GTX 1070 Founder's Edition 32GB Corsair Vengeance Pro DDR3-2400 
Hard DriveHard DriveOptical DriveCooling
Samsung 850 Pro 2TB WD Black ASUS Blu-ray combo, LiteOn dvdrw MCR320 
CoolingCoolingCoolingCooling
MCR320 MCP655 Heatkiller 3.0 Nickel plated EK Multi-Option 150 Res 
OSMonitorKeyboardPower
windows 10 Acer H243H Logitech G19 & Logitech G13 EVGA SuperNOVA 1300 G2 
CaseMouseMouse PadAudio
Mountain Mods U2-UFO Razer Mamba Razer Destructor Logitech G930 
  hide details  
Reply
Finally...
(20 items)
 
  
CPUMotherboardGraphicsRAM
Intel 4930k asus rampage IV extreme black edition Nvidia GTX 1070 Founder's Edition 32GB Corsair Vengeance Pro DDR3-2400 
Hard DriveHard DriveOptical DriveCooling
Samsung 850 Pro 2TB WD Black ASUS Blu-ray combo, LiteOn dvdrw MCR320 
CoolingCoolingCoolingCooling
MCR320 MCP655 Heatkiller 3.0 Nickel plated EK Multi-Option 150 Res 
OSMonitorKeyboardPower
windows 10 Acer H243H Logitech G19 & Logitech G13 EVGA SuperNOVA 1300 G2 
CaseMouseMouse PadAudio
Mountain Mods U2-UFO Razer Mamba Razer Destructor Logitech G930 
  hide details  
Reply
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: Software News
  • [thenextweb] Adobe’s network compromised: 2.9 million customer names, encrypted credit and debit card numbers, and source code
Overclock.net › Forums › Industry News › Software News › [thenextweb] Adobe’s network compromised: 2.9 million customer names, encrypted credit and debit card numbers, and source code