Ruh-roh: Adobe breach is just the beginning, researcher says

4 Comments

The Adobe source code breach disclosed last week was scary. Perhaps scarier still is that the perpetrators have hit other as-yet unnamed companies.

There have been similar intrusions to other companies which are now being notified, security expert Alex Holden told the ThreatPost blog. It was Holden,  founder and chief information security officer (CISO)  of Hold Security, along with security blogger Brian Krebs, who uncovered the Adobe breach.

Talking to ThreatPost, a blog owned by Kaspersky Labs, a security company, Holden characterized this Adobe breach as

“one of the worst in U.S. history because the source code of an end user product such as Adobe Reader and Adobe Publisher was breached and leaked. This allows additional attack vectors to be discovered and viruses to be written for which there are no defenses.”

Adobe made the breach,which affected Acrobat, Acrobat Reader, ColdFusion and other applications, public late last week. The intruders apparently penetrated its security in late July or mid August.

4 Comments

Anonymous

Sorry to hear about the breach.

But at the same time I guess users should disable Adobe Reader/Flash in their browsers. IT should push that policy to all their user base.

P.C.

Open Source software has been dealing with bad guys scouring their code for years, surely Adobe can deal.

Comments are closed.