Welcome to the MacNN Forums.

If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below.

You are here: MacNN Forums > News > Tech News > Adobe reveals details of two-month-old server intrusion

Adobe reveals details of two-month-old server intrusion
Thread Tools
MacNN Staff
Join Date: Jul 2012
Status: Offline
Reply With Quote
Sep 27, 2012, 07:20 PM
 
Adobe warned today that an internal digital code signing server was hacked by "sophisticated threat actors" focusing on Adobe. The early-July hack led to the compilation of a minimum of two malicious files that were digitally signed and authenticated as Adobe genuine software. The hack gave the attackers the means to build malware that the operating system views as legitimate Adobe-created software, making it that much harder for security packages to detect and eliminate the threat.

Adobe security chief Brad Arkin noted that "The first malicious utility we received is 'pwdump7 v7.1.' This utility extracts password hashes from the Windows OS and is sometimes used as a single file" linking OpenSSL to Windows. Temporarily, Adobe's new signing solution includes an offline human validation step to guarantee all new signatures are actually Adobe software. "We are in the process of designing and deploying a new, permanent signing solution," Arkin added. Few details of the actual breach were provided, except that it affected a build server with access to the verification routines. Arkin admitted that the server didn't comply with "Adobe corporate standards for a build server" and are "investigating why our code signing access provisioning process in this case failed to identify these deficiencies." Adobe claims that no source code was stolen during the intrusion. The impacted certificates will be revoked on October 4, 2012. All code signed by Adobe after July 10, 2012 is impacted by the certificate revocation.
     
   
Thread Tools
Forum Links
Forum Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On
Top
Privacy Policy
All times are GMT -4. The time now is 03:15 AM.
All contents of these forums © 1995-2015 MacNN. All rights reserved.
Branding + Design: www.gesamtbild.com
vBulletin v.3.8.8 © 2000-2015, Jelsoft Enterprises Ltd., Content Relevant URLs by vBSEO 3.3.2