Access member only content, take part in discussions with comments on blogs, news and reviews and receive all the latest security industry news directly to your inbox. Join now for free.
A confirmation email has been sent to your email address - SUPPLIED EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @scmagazine.com.au to your white-listed senders.
Adobe Systems has revealed that the cyber attack that hit its corporate network earlier this month is likely to have been connected with the hacking attack on Google which may lead the web giant to pull its operations out of China.Commentators speculated that the two incidents were connected after Adobe revealed in a blog posting on Tuesday that it "became aware on January 2, 2010 of a computer security incident involving a sophisticated, co-ordinated attack against corporate network systems managed by Adobe and other companies".The statement appeared only a short time after Google published its initial blog posting detailing the Chinese hacking activity on its own systems, fuelling the speculation."The two incidents appear to be related given the timing of the discoveries, but until the investigation is completed, we won't be able to confirm. The investigation into the incident is still ongoing," Adobe said in a statement. However, Adobe is remaining pretty tight-lipped over whether the hackers originally tried to gain entry into Google's systems by exploiting a PDF vulnerability."At this time, we have no evidence to suggest that a vulnerability in Adobe technology was an vector in the attack against Adobe or other companies involved. Our investigation is still ongoing," read the statement.Security experts beg to differ, however. F-Secure chief research officer Mikko Hyppönen wrote in a blog posting yesterday: "We believe the attack was launched via a convincing email with an exploit-ridden PDF attachment."In addition, VeriSign's iDefense managed security services arm said in statement that the attacks bear a striking resemblance to those carried out in July last year against around 100 Silicon Valley firms."The July attack employed a PDF file that exploited a zero-day vulnerability in Adobe Reader," said iDefense."According to sources familiar with the present attack, attackers delivered malicious code used against Google and others using PDFs as email attachments. In both attacks, the malicious files drop a backdoor Trojan in the form of a Windows DLL."Google stated in its original posting that the attacks were widespread, affecting at least 20 other companies in areas such as internet, finance, technology, media and chemicals.
To begin commenting right away, you can log in below or register an account if you don't yet have one. Please read our guidelines on commenting. Offending posts will be removed and your access may be suspended. Abusive or obscene language will not be tolerated. The comments below do not necessarily reflect the views or opinions of SC Magazine, Haymarket Media or its employees.