Adobe****officially confirmed database Hack
| Screenshot of Adobe's Hacked website " connectusers.com " |
Yesterday HackReports disclosed about the ADOBE HACK report which we got from a Pastebin note by ViruS_HimA which is now Officially confirmed by Adobe that one of its databases was hacked and website "connectusers.com" hacked is now temporarily down.
The Hacker even disclosed that he used a SQL Injection attack for breaching into the website which allowed him to dump the database in less requests than normal people do. He said that users passwords for the Adobe Connect users site were stored and hashed with MD5, he says, which made them "easy to crack" with freely available tools and even disclosed Adobe wasn't using WAFson the servers.
He said he only did that because Adobe was slow to respond to vulnerability disclosures and fixes. ViruS_HimA moaned that Adobe was a big company but they don't really take care of them security issues, When someone report vulnerability to them, It take five to seven days for the notification that they've received your report. The four months it takes to to patch the vulnerabilities is too long.