Attackers Compromise Adobe Connect User Site

Adobe is looking into an apparent compromise of one of its sites, the ConnectUsers forum. The company says that it is investigating reports of an attack on the site, which is a community site for users of Adobe’s Connect conferencing software.The reports of the compromise began to surface on Tuesday and Adobe security officials began looking into them, trying to determine whether there actually was an infiltration. It now appears that someone was able to compromise the database associated with the ConnectUsers site. The company has taken the site offline and is resetting passwords for users associated with the site.

Upwards of 30 major U.S. banks and financial institutions have been given a reprieve. The hacker behind a coordinated attack against giants such as Bank of America, Chase, Citibank, PNC, Wells Fargo and nearly two dozen other banks has called off the operation after media reports surfaced a month ago exposing the planned attacks.

With an update pushed out recently, Google has now added a new security feature to Chrome on OS X by placing the Adobe Flash Player inside a sandbox to prevent exploits against Flash from affecting the browser or the rest of the applications on the machine.

The term cyberwar has become a catch-all used by politicians, talking heads and others to encompass just about any online threat, regardless of the attacker or the target. Among security professionals, however, the word has a specific connotation–an attack by one nation against another nation’s infrastructure. Aside from the semantic issues, one of the major challenges for government agencies and security teams dealing with his problem is attribution and recognizing what constitutes an actual act of cyberwar. Stuxnet, Flame and their cousins may qualify, but more discussion is needed to help define the terms of these new conflicts, experts say.

Microsoft released its monthly security updates today and put special urgency on a cumulative security update for Internet Explorer 9. Critical vulnerabilities were found in the way the browser handles objects in memory which could lead to an attacker remotely executing code. Victims would have to land on a website hosting an exploit, Microsoft said. The company said there are no public exploits for this vulnerability.

 In the previous video in our how-to series, Securing Facebook, we reported that the social networking giant was rapidly approaching one billion active users. Facebook has since surpassed that mark. Considering that, we produced a video detailing and explaining how to implement some simple, built-in features on the world’s largest social network that should help keep your profiles as private as possible. 

The security of social networks and the people who use them every day has become a serious concern for enterprises and consumers alike. Millions of people rely on networks such as Facebook and Twitter to communicate and connect with friends and colleagues and attacks against the networks themselves and the users on them undermines some of the trust people place in them. Eugene Kaspersky, CEO of Kaspersky Lab, recently answered questions on the security concerns surrounding social media and what people can do to protect themselves on these networks.

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.