Overclock.net › Forums › Industry News › Software News › [thenextweb] Adobe’s network compromised: 2.9 million customer names, encrypted credit and debit card numbers, and source code
New Posts  All Forums:Forum Nav:

[thenextweb] Adobe’s network compromised: 2.9 million customer names, encrypted credit and debit card numbers, and source code - Page 2

post #11 of 17
Yo dawg, I heard you like the cloud, so we created the creative cloud.
post #12 of 17
It´s their stranglehold of flash that bugs me , I´ve already ditched their reader in favour of Foxit, we really need more sites to start using HTML5 so we can do without this necessary evil.
SoulStorm Brew
(10 items)
 
El Niño
(11 items)
 
 
CPUMotherboardRAMHard Drive
A8 7600 GA-F2A88XN-WIFI 2 x 4g GSkill Ripjaws 2133 Sammy 830 128g + 2.5 " Toshiba 1T  
CoolingOSMonitorPower
Modded stock FX cooler lapped + 92mm Tacens Aur... LG Flatron E2250V  420w Tacens radix IV  
CaseMouse
Silverstone grandia Loves to be touched  
CPUMotherboardGraphicsRAM
Athlon 5350 ASUS AM1I-A itx HD 8400 2 x 2gig Crucial ballistix tactical 1600 
Hard DriveCoolingOSMonitor
Sammy 830 64g + Toshiba 750g 2.5  stock + 120mm Skythe slipstream 32" LG 
KeyboardPowerCase
Tacens Levis  60w brick Akasa Crypto mini ITX 
  hide details  
Reply
SoulStorm Brew
(10 items)
 
El Niño
(11 items)
 
 
CPUMotherboardRAMHard Drive
A8 7600 GA-F2A88XN-WIFI 2 x 4g GSkill Ripjaws 2133 Sammy 830 128g + 2.5 " Toshiba 1T  
CoolingOSMonitorPower
Modded stock FX cooler lapped + 92mm Tacens Aur... LG Flatron E2250V  420w Tacens radix IV  
CaseMouse
Silverstone grandia Loves to be touched  
CPUMotherboardGraphicsRAM
Athlon 5350 ASUS AM1I-A itx HD 8400 2 x 2gig Crucial ballistix tactical 1600 
Hard DriveCoolingOSMonitor
Sammy 830 64g + Toshiba 750g 2.5  stock + 120mm Skythe slipstream 32" LG 
KeyboardPowerCase
Tacens Levis  60w brick Akasa Crypto mini ITX 
  hide details  
Reply
post #13 of 17
Quote:
Originally Posted by Schoat333 View Post

How does Adobe get credit card numbers? Do people actually buy their software? Why when there is better software available for free?
No free software comes close. One client can cover the cost for an entire suite or a year of service with creative cloud if you know what you are doing.
post #14 of 17
Quote:
Originally Posted by ChronoBodi View Post

is this the Sony hack fiasco all over again? Except it's Adobe this time.
Sony hack fiasco was that they did not even implement security operations. They did a lot of absurdly stupid things like use the same seed for hashes and storing customer data in plain.
Quote:
Originally Posted by GrizzleBoy View Post

Imo, these "leaks" and "hacks" are simply companies ways of letting us know that they are sharing info with the NSA or something.

This kind of announcement has become faaaaaar too common in far too short a space of time.

Is there a month that goes by where X large company "leaks"/"loses" information to an anonymous entity?
You have to realize how asymmetrical Internet security is. Companies have to cover massive areas with underfunded security (since security is not a profit center). They have to defend from small groups of elite hackers. When I mean elite... I really mean 733T. How do you defend from persistent threats and zero-days? It's H-A-R-D.

Quote:
Originally Posted by JoshHunter View Post

It's encrypted. Adobe is a pretty software-savvy company, I'm sure they have used an incredibly secure hash.
Not necessarily.... if the system was set up a few years ago, they probably would have used a secure enough hash at the time. However, GPGPU hashing has been a game changer in recent years and they may not have changed their cipher or increased iterations.
Quote:
Originally Posted by Schoat333 View Post

How does Adobe get credit card numbers? Do people actually buy their software? Why when there is better software available for free?
What free software comes even ballpark close to Adobe? I mean really? The complexity of the algorithms in some of their features is pretty mindblowing (i.e. unblurring photos).
Once again...
(13 items)
 
  
CPUMotherboardGraphicsRAM
i7 920 [4.28GHz, HT] Asus P6T + Broadcom NetXtreme II VisionTek HD5850 [900/1200] + Galaxy GT240 2x4GB G.Skill Ripjaw X [1632 MHz] 
Hard DriveOSMonitorKeyboard
Intel X25-M 160GB + 3xRAID0 500GB 7200.12 Window 7 Pro 64 Acer H243H + Samsung 226BW XARMOR-U9BL  
PowerCaseMouseMouse Pad
Antec Truepower New 750W Li Lian PC-V2100 [10x120mm fans] Logitech G9 X-Trac Pro 
  hide details  
Reply
Once again...
(13 items)
 
  
CPUMotherboardGraphicsRAM
i7 920 [4.28GHz, HT] Asus P6T + Broadcom NetXtreme II VisionTek HD5850 [900/1200] + Galaxy GT240 2x4GB G.Skill Ripjaw X [1632 MHz] 
Hard DriveOSMonitorKeyboard
Intel X25-M 160GB + 3xRAID0 500GB 7200.12 Window 7 Pro 64 Acer H243H + Samsung 226BW XARMOR-U9BL  
PowerCaseMouseMouse Pad
Antec Truepower New 750W Li Lian PC-V2100 [10x120mm fans] Logitech G9 X-Trac Pro 
  hide details  
Reply
post #15 of 17
Why the hell would your source code be available over the internet... BAD BAD BAD. Lock that down. Internet facing machines should be completely isolated from developers.

Unless social engineering is at play... and a developer leaving a backdoor VPN / VNC / Remote desktop connection open.
OC'in beast
(21 items)
 
  
CPUMotherboardGraphicsGraphics
AMD FX-8350 (Vishera) Gigabyte GA-990XA AMD 285X (unreleased) AMD 285X (unreleased) 
RAMHard DriveHard DriveHard Drive
Mushkin Enhanced Blackline 8GB (996679) Western Digital WD10EALS 1TB Blue Corsair Force Series GT CSSD-F180GBGT-BK 180GB Intel 530 Series SSDSC2BW240A401 240GB 
Optical DriveCoolingCoolingCooling
Sony 20X Sata DVD-RW Scythe Mugen 2 rev B (3) Scythe Slip Stream SY1225SL12H-P Antec Tri-Cool 140mm 
CoolingCoolingOSMonitor
Antec Tri-Cool 120mm Scythe Ultra Kaze DFS123812-3000 Windows 7 Pro 64bit ASUS PA248Q 24.1" IPS 
KeyboardPowerCaseMouse
Coolermaster Storm QuickFire Stealth Cherry MX ... Antec Earthwatts EA-750 Antec 300 Logitech G5 
Mouse Pad
Steel Series Starcraft 2 Marine 
  hide details  
Reply
OC'in beast
(21 items)
 
  
CPUMotherboardGraphicsGraphics
AMD FX-8350 (Vishera) Gigabyte GA-990XA AMD 285X (unreleased) AMD 285X (unreleased) 
RAMHard DriveHard DriveHard Drive
Mushkin Enhanced Blackline 8GB (996679) Western Digital WD10EALS 1TB Blue Corsair Force Series GT CSSD-F180GBGT-BK 180GB Intel 530 Series SSDSC2BW240A401 240GB 
Optical DriveCoolingCoolingCooling
Sony 20X Sata DVD-RW Scythe Mugen 2 rev B (3) Scythe Slip Stream SY1225SL12H-P Antec Tri-Cool 140mm 
CoolingCoolingOSMonitor
Antec Tri-Cool 120mm Scythe Ultra Kaze DFS123812-3000 Windows 7 Pro 64bit ASUS PA248Q 24.1" IPS 
KeyboardPowerCaseMouse
Coolermaster Storm QuickFire Stealth Cherry MX ... Antec Earthwatts EA-750 Antec 300 Logitech G5 
Mouse Pad
Steel Series Starcraft 2 Marine 
  hide details  
Reply
post #16 of 17
Quote:
Originally Posted by kevinf View Post

Why the hell would your source code be available over the internet... BAD BAD BAD. Lock that down. Internet facing machines should be completely isolated from developers.

Unless social engineering is at play... and a developer leaving a backdoor VPN / VNC / Remote desktop connection open.

I assume they did segregate their networks... if not, bad!

I am guessing this is a persistent attack.... they went spear-phishing, waterholed, and/or social engineered their way to an internal desktop. From the compromised machine, they moved onto other computers and finally getting to core servers. Anything less would mean Adobe's IT infrastructure is bad....
Once again...
(13 items)
 
  
CPUMotherboardGraphicsRAM
i7 920 [4.28GHz, HT] Asus P6T + Broadcom NetXtreme II VisionTek HD5850 [900/1200] + Galaxy GT240 2x4GB G.Skill Ripjaw X [1632 MHz] 
Hard DriveOSMonitorKeyboard
Intel X25-M 160GB + 3xRAID0 500GB 7200.12 Window 7 Pro 64 Acer H243H + Samsung 226BW XARMOR-U9BL  
PowerCaseMouseMouse Pad
Antec Truepower New 750W Li Lian PC-V2100 [10x120mm fans] Logitech G9 X-Trac Pro 
  hide details  
Reply
Once again...
(13 items)
 
  
CPUMotherboardGraphicsRAM
i7 920 [4.28GHz, HT] Asus P6T + Broadcom NetXtreme II VisionTek HD5850 [900/1200] + Galaxy GT240 2x4GB G.Skill Ripjaw X [1632 MHz] 
Hard DriveOSMonitorKeyboard
Intel X25-M 160GB + 3xRAID0 500GB 7200.12 Window 7 Pro 64 Acer H243H + Samsung 226BW XARMOR-U9BL  
PowerCaseMouseMouse Pad
Antec Truepower New 750W Li Lian PC-V2100 [10x120mm fans] Logitech G9 X-Trac Pro 
  hide details  
Reply
post #17 of 17
Quote:
Originally Posted by DuckieHo View Post

Sony hack fiasco was that they did not even implement security operations. They did a lot of absurdly stupid things like use the same seed for hashes and storing customer data in plain.
You have to realize how asymmetrical Internet security is. Companies have to cover massive areas with underfunded security (since security is not a profit center).

What many companies fail to realize is that it may not be a profit center, it can become a MONUMENTAL loss of revenue/brand trust if they continue to underfund it. I know you know this, I'm just saying it for others.
Finally...
(20 items)
 
  
CPUMotherboardGraphicsRAM
Intel 4930k asus rampage IV extreme black edition Nvidia GTX 1070 Founder's Edition 32GB Corsair Vengeance Pro DDR3-2400 
Hard DriveHard DriveOptical DriveCooling
Samsung 850 Pro 2TB WD Black ASUS Blu-ray combo, LiteOn dvdrw MCR320 
CoolingCoolingCoolingCooling
MCR320 MCP655 Heatkiller 3.0 Nickel plated EK Multi-Option 150 Res 
OSMonitorKeyboardPower
windows 10 Acer H243H Logitech G19 & Logitech G13 EVGA SuperNOVA 1300 G2 
CaseMouseMouse PadAudio
Mountain Mods U2-UFO Razer Mamba Razer Destructor Logitech G930 
  hide details  
Reply
Finally...
(20 items)
 
  
CPUMotherboardGraphicsRAM
Intel 4930k asus rampage IV extreme black edition Nvidia GTX 1070 Founder's Edition 32GB Corsair Vengeance Pro DDR3-2400 
Hard DriveHard DriveOptical DriveCooling
Samsung 850 Pro 2TB WD Black ASUS Blu-ray combo, LiteOn dvdrw MCR320 
CoolingCoolingCoolingCooling
MCR320 MCP655 Heatkiller 3.0 Nickel plated EK Multi-Option 150 Res 
OSMonitorKeyboardPower
windows 10 Acer H243H Logitech G19 & Logitech G13 EVGA SuperNOVA 1300 G2 
CaseMouseMouse PadAudio
Mountain Mods U2-UFO Razer Mamba Razer Destructor Logitech G930 
  hide details  
Reply
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: Software News
  • [thenextweb] Adobe’s network compromised: 2.9 million customer names, encrypted credit and debit card numbers, and source code
Overclock.net › Forums › Industry News › Software News › [thenextweb] Adobe’s network compromised: 2.9 million customer names, encrypted credit and debit card numbers, and source code