4 Comments

Summary:

Other as-yet-unnamed companies have also been compromised, security whiz Alex Holden tells The ThreatPost blog.

cloud security

The Adobe source code breach disclosed last week was scary. Perhaps scarier still is that the perpetrators have hit other as-yet unnamed companies.

There have been similar intrusions to other companies which are now being notified, security expert Alex Holden told the ThreatPost blog. It was Holden,  founder and chief information security officer (CISO)  of Hold Security, along with security blogger Brian Krebs, who uncovered the Adobe breach.

Talking to ThreatPost, a blog owned by Kaspersky Labs, a security company, Holden characterized this Adobe breach as

“one of the worst in U.S. history because the source code of an end user product such as Adobe Reader and Adobe Publisher was breached and leaked. This allows additional attack vectors to be discovered and viruses to be written for which there are no defenses.”

Adobe made the breach,which affected Acrobat, Acrobat Reader, ColdFusion and other applications, public late last week. The intruders apparently penetrated its security in late July or mid August.

  1. Joe Mastroianni Monday, October 7, 2013

    You’ve been formatting ColdFusion wrong. It’s a single camel cased word, not two words.

    http://www.adobe.com/ca/products/coldfusion-family.html

    Share
    1. You are right. Corrected now. Thanks for the note.

      Share
  2. Open Source software has been dealing with bad guys scouring their code for years, surely Adobe can deal.

    Share
  3. Sorry to hear about the breach.

    But at the same time I guess users should disable Adobe Reader/Flash in their browsers. IT should push that policy to all their user base.

    Share

Comments have been disabled for this post