Featured Articles

Intel releases tiny 3G cell modem

Intel releases tiny 3G cell modem

Intel has released a 3G cellular modem with an integrated power amplifier that fits into a 300 mm2 footprint, claiming it…

More...
Braswell 14nm Atom slips to Q2 15

Braswell 14nm Atom slips to Q2 15

It's not all rosy in the house of Intel. It seems that upcoming Atom out-of-order cores might be giving this semiconductor…

More...
TSMC 16nm wafers coming in Q1 2015

TSMC 16nm wafers coming in Q1 2015

TSMC will start producing 16nm wafers in the first quarter of 2015. Sometime in the second quarter production should ramp up…

More...
Skylake-S LGA is 35W to 95W TDP part

Skylake-S LGA is 35W to 95W TDP part

Skylake-S is the ‘tock’ of the Haswell architecture and despite being delayed from the original plan, this desktop part is scheduled…

More...
Aerocool Dead Silence reviewed

Aerocool Dead Silence reviewed

Aerocool is well known for its gamer cases with aggressive styling. However, the Dead Silence chassis offers consumers a new choice,…

More...
Frontpage Slideshow | Copyright © 2006-2010 orks, a business unit of Nuevvo Webware Ltd.
Thursday, 15 November 2012 10:50

Adobe confirms database hack

Written by Nick Farrell



SQL injection exploit used


Adobe has confirmed that one of its databases was hacked and it had temporarily taken offline the Connectusers.com website which was hit.

The hacker told Dark Reading he used a SQL injection exploit in the breach. The hacker comes from Egypt hacker and goes by the handle "ViruS_HimA." He said he dumped a database of 150,000 emails and passwords of Adobe customers and partners. The affected accounts include Adobe employees, US military users including US Air Force users, and users from Google, NASA, universities, and other companies.

The hacker said it was a SQL Injection vulnerability which allowed him to dump the database in less requests than normal people do. He said that users passwords for the Adobe Connect users site were stored and hashed with MD5, he says, which made them "easy to crack" with freely available tools. ViruS_HimA leaked only some of the affected emails, including some from @ "adobe.com", "*.mil", and "*.gov," with a screen shot in his Pastebin post.

He said he only did that because Adobe was slow to respond to vulnerability disclosures and fixes. ViruS_HimA  moaned that Adobe was a  big company but they don't really take care of them security issues, When someone report vulnerability to them, It take five to seven days for the notification that they've received your report.  The four months it takes to to patch the vulnerabilities is too long.

Nick Farrell

E-mail: This e-mail address is being protected from spambots. You need JavaScript enabled to view it
blog comments powered by Disqus

 

Facebook activity

Latest Commented Articles

Recent Comments