Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Comments
Adobe Customer Security Compromised: 7 Facts
Newest First  |  Oldest First  |  Threaded View
David F. Carr
50%
50%
David F. Carr,
User Rank: Apprentice
10/7/2013 | 11:26:45 PM
re: Adobe Customer Security Compromised: 7 Facts
Fair to say it's not a best practice to retain CC data any longer than necessary?
AustinIT
50%
50%
AustinIT,
User Rank: Apprentice
10/6/2013 | 2:38:11 PM
re: Adobe Customer Security Compromised: 7 Facts
This is exactly why we have a huge amount of regulations on the books. We basically have to force people/companies to do the right thing. Sad, really.
macker490
50%
50%
macker490,
User Rank: Ninja
10/6/2013 | 11:39:05 AM
re: Adobe Customer Security Compromised: 7 Facts
you would, --eh?
when you use your credit card you are authorizing the merchant unrestricted access to your account -- to the expiration date on your card.

everyplace you use it

PCI is based on pen and paper. proper authntication of digital transactions has never been incorporated into the system .
moarsauce123
50%
50%
moarsauce123,
User Rank: Ninja
10/5/2013 | 1:17:09 PM
re: Adobe Customer Security Compromised: 7 Facts
I wonder why Adobe even held on to CC information. Throw it away once the transaction is done. Yes, the customer needs to key it in again the next time, but I rather type a few dozen characters than have my info stolen.
Do we really need to lobby lawmakers every single time to craft a law that enforces common sense?
WKash
50%
50%
WKash,
User Rank: Apprentice
10/5/2013 | 12:02:27 AM
re: Adobe Customer Security Compromised: 7 Facts
Scary that Adobe didn't spot this. And one more reason why never to reuse passwords .
Laurianne
50%
50%
Laurianne,
User Rank: Apprentice
10/4/2013 | 6:12:06 PM
re: Adobe Customer Security Compromised: 7 Facts
"But two different customers who received that email notification -- sent late Thursday, Pacific Time -- separately told InformationWeek that they'd initially dismissed the "important customer security alert" as spam."

The phishers are winning.
David F. Carr
50%
50%
David F. Carr,
User Rank: Apprentice
10/4/2013 | 5:28:17 PM
re: Adobe Customer Security Compromised: 7 Facts
Would the customer credit cards of past customers be at risk, or just people with some ongoing relationship like the newer subscription software options? I purchased a perpetual license to Creative Suite, but that was a couple of years ago, so I'd hope my credit card wouldn't still be stored anywhere.


COVID-19: Latest Security News & Commentary
Dark Reading Staff 9/25/2020
Google Cloud Debuts Threat-Detection Service
Robert Lemos, Contributing Writer,  9/23/2020
Shopify's Employee Data Theft Underscores Risk of Rogue Insiders
Kelly Sheridan, Staff Editor, Dark Reading,  9/23/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Special Report: Computing's New Normal
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
How IT Security Organizations are Attacking the Cybersecurity Problem
How IT Security Organizations are Attacking the Cybersecurity Problem
The COVID-19 pandemic turned the world -- and enterprise computing -- on end. Here's a look at how cybersecurity teams are retrenching their defense strategies, rebuilding their teams, and selecting new technologies to stop the oncoming rise of online attacks.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-24565
PUBLISHED: 2020-09-29
An out-of-bounds read information disclosure vulnerabilities in Trend Micro Apex One may allow a local attacker to disclose sensitive information to an unprivileged account on vulnerable installations of the product. An attacker must first obtain the ability to execute low-privileged code on the ...
CVE-2020-25770
PUBLISHED: 2020-09-29
An out-of-bounds read information disclosure vulnerabilities in Trend Micro Apex One may allow a local attacker to disclose sensitive information to an unprivileged account on vulnerable installations of the product. An attacker must first obtain the ability to execute low-privileged code on the ...
CVE-2020-25771
PUBLISHED: 2020-09-29
An out-of-bounds read information disclosure vulnerabilities in Trend Micro Apex One may allow a local attacker to disclose sensitive information to an unprivileged account on vulnerable installations of the product. An attacker must first obtain the ability to execute low-privileged code on the ...
CVE-2020-25772
PUBLISHED: 2020-09-29
An out-of-bounds read information disclosure vulnerabilities in Trend Micro Apex One may allow a local attacker to disclose sensitive information to an unprivileged account on vulnerable installations of the product. An attacker must first obtain the ability to execute low-privileged code on the ...
CVE-2020-25773
PUBLISHED: 2020-09-29
A vulnerability in the Trend Micro Apex One ServerMigrationTool component could allow an attacker to execute arbitrary code on affected products. User interaction is required to exploit this vulnerability in that the target must import a corrupted configuration file.