Adobe should be ditched en masse. They've been a massive target for hackers for years along with Java, and they still can't act responsibly. At least Microsoft took the beatings of Sasser, Blaster, etc. and came back with a proper security mindset. To top it off their code is still the most bloated piece of garbage I have to deal with when it comes to delivering apps. I hope this puts them out of business.
Rant off ;-) On 4 October 2013 15:52, Kennedy, Jim <[email protected]> wrote: > We are mapping out a very quick migration to Foxit.**** > > ** ** > > *From:* [email protected] [mailto: > [email protected]] *On Behalf Of *Ziots, Edward > *Sent:* Friday, October 4, 2013 10:50 AM > > *To:* [email protected] > *Subject:* RE: [NTSysADM] RE: Adobe Customer Data breached**** > > ** ** > > The worst part about it was that some of there source code was stolen > also, which allows those whom stole it into a treasure trove of possible > unknown vulnerabilities due to flaws in the code which could bring around > the next wave of attacks on the PDF/Flash aspects, which are used > everywhere therefore the impact felt around the world might be very high. I > am assuming we might see some of these new 0 days in specific web > exploitation kits in the not-so near future. **** > > ** ** > > Z**** > > ** ** > > Edward E. Ziots, CISSP, CISA, Security +, Network +**** > > Security Engineer**** > > Lifespan Organization**** > > [email protected]**** > > Work:401-255-2497**** > > ** ** > > ** ** > > This electronic message and any attachments may be privileged and > confidential and protected from disclosure. If you are reading this > message, but are not the intended recipient, nor an employee or agent > responsible for delivering this message to the intended recipient, you are > hereby notified that you are strictly prohibited from copying, printing, > forwarding or otherwise disseminating this communication. If you have > received this communication in error, please immediately notify the sender > by replying to the message. Then, delete the message from your computer. > Thank you.**** > > *[image: Description: Description: Lifespan]* > > ** ** > > ** ** > > *From:* [email protected] [mailto: > [email protected]] *On Behalf Of *Stefan Jafs > *Sent:* Friday, October 04, 2013 10:39 AM > *To:* [email protected] > *Subject:* RE: [NTSysADM] RE: Adobe Customer Data breached**** > > ** ** > > Yeah, they sent me an re-set password link this morning and a lengthy > apology e-mail yesterday.**** > > ** ** > > __________________________________**** > > *Stefan Jafs***** > > ** ** > > *From:* [email protected] [ > mailto:[email protected] <[email protected]>] *On > Behalf Of *Ziots, Edward > *Sent:* Friday, October 4, 2013 10:02 > *To:* [email protected] > *Subject:* RE: [NTSysADM] RE: Adobe Customer Data breached**** > > ** ** > > Its much more than that. **** > > ** ** > > Z**** > > ** ** > > Edward E. Ziots, CISSP, CISA, Security +, Network +**** > > Security Engineer**** > > Lifespan Organization**** > > [email protected]**** > > Work:401-255-2497**** > > ** ** > > ** ** > > This electronic message and any attachments may be privileged and > confidential and protected from disclosure. If you are reading this > message, but are not the intended recipient, nor an employee or agent > responsible for delivering this message to the intended recipient, you are > hereby notified that you are strictly prohibited from copying, printing, > forwarding or otherwise disseminating this communication. If you have > received this communication in error, please immediately notify the sender > by replying to the message. Then, delete the message from your computer. > Thank you.**** > > *[image: Description: Description: Lifespan]* > > ** ** > > ** ** > > *From:* [email protected] [ > mailto:[email protected] <[email protected]>] *On > Behalf Of *James Rankin > *Sent:* Friday, October 04, 2013 9:06 AM > *To:* [email protected] > *Subject:* Re: [NTSysADM] RE: Adobe Customer Data breached**** > > ** ** > > Or a ColdFusion one**** > > ** ** > > On 4 October 2013 14:04, Richard McClary <[email protected]> > wrote:**** > > Can’t help wondering if someone missed a Flash update**** > > **** > > --**** > > richard**** > > **** > > *From:* [email protected] [mailto: > [email protected]] *On Behalf Of *Ziots, Edward > *Sent:* Friday, October 04, 2013 8:00 AM > *To:* [email protected] > *Subject:* [NTSysADM] Adobe Customer Data breached**** > > **** > > > http://nakedsecurity.sophos.com/2013/10/04/adobe-owns-up-to-getting-pwned-login-and-credit-card-data-probably-stolen-all-passwords-reset/?utm_source=Naked+Security+-+Sophos+List&utm_medium=email&utm_campaign=93ed7d3d97-naked%252Bsecurity&utm_term=0_31623bb782-93ed7d3d97-454838729 > **** > > **** > > Z**** > > **** > > Edward E. Ziots, CISSP, CISA, Security +, Network +**** > > Security Engineer**** > > Lifespan Organization**** > > [email protected]**** > > Work:401-255-2497**** > > **** > > **** > > This electronic message and any attachments may be privileged and > confidential and protected from disclosure. If you are reading this > message, but are not the intended recipient, nor an employee or agent > responsible for delivering this message to the intended recipient, you are > hereby notified that you are strictly prohibited from copying, printing, > forwarding or otherwise disseminating this communication. If you have > received this communication in error, please immediately notify the sender > by replying to the message. Then, delete the message from your computer. > Thank you.**** > > *[image: Description: Description: Lifespan]***** > > **** > > **** > > *From:* [email protected] [ > mailto:[email protected] <[email protected]>] *On > Behalf Of *Webster > *Sent:* Friday, October 04, 2013 8:13 AM > *To:* [email protected] > *Subject:* [NTSysADM] RE: Account Utility**** > > **** > > Very few (of the sites I go to) ever look at the privileged accounts. The > last assessment I did had over 100 DA accounts and almost as many EA and SA > accounts. The majority of their service accounts were in all three > groups!!! Until I ran MBS’ script, they had no idea how many local SQL > Server and SQL Express installs had been done using the domain’s SQL > Service account and that account was a member of all three privileged > groups.**** > > **** > > **** > > Webster**** > > **** > > *From:* [email protected] [ > mailto:[email protected] <[email protected]>] *On > Behalf Of *Free, Bob > *Sent:* Thursday, October 03, 2013 11:52 PM > *To:* [email protected] > *Subject:* [NTSysADM] RE: Account Utility**** > > **** > > The first two I get, the third is really hard to comprehend.**** > > **** > > *From:* [email protected] [ > mailto:[email protected] <[email protected]>] *On > Behalf Of *Webster > *Sent:* Thursday, October 03, 2013 8:09 AM > *To:* [email protected] > *Subject:* [NTSysADM] RE: Account Utility**** > > **** > > MBS’ script works like a charm. I have used it when doing assessments for > AD migrations. I have NEVER seen an IT org that knew every service account > used, where they were used or how many of those service accounts had domain > admins privileges.**** > > **** > > Webster**** > > **** > > **** > > *From:* [email protected] [ > mailto:[email protected] <[email protected]>] *On > Behalf Of *Michael B. Smith > *Sent:* Thursday, October 03, 2013 11:00 AM > *To:* [email protected] > *Subject:* [NTSysADM] RE: Account Utility**** > > **** > > > http://theessentialexchange.com/blogs/michael/archive/2008/02/29/finding-services-using-non-system-accounts-with-powershell.aspx > **** > > **** > > **** > > *From:* [email protected] [ > mailto:[email protected] <[email protected]>] *On > Behalf Of *Steve Norton > *Sent:* Thursday, October 3, 2013 8:10 AM > *To:* [email protected] > *Subject:* [NTSysADM] Account Utility**** > > **** > > A long time ago I used a utility that showed me what account services were > running under on all my servers. My environment is Windows 2003 and 2008 > R2. Ideally this would be a utility that I can run from a Windows 7 > workstation against servers. Suggestions appreciated.**** > > **** > ------------------------------ > > PG&E is committed to protecting our customers' privacy. > To learn more, please visit > http://www.pge.com/about/company/privacy/customer/**** > ------------------------------ > > > The information contained in this e-mail, and any attachments hereto, is > from The American Society for the Prevention of Cruelty to Animals® > (ASPCA®) and is intended only for use by the addressee(s) named herein and > may contain legally privileged and/or confidential information. If you are > not the intended recipient of this e-mail, you are hereby notified that any > dissemination, distribution, copying or use of the contents of this e-mail, > and any attachments hereto, is strictly prohibited. If you have received > this e-mail in error, please immediately notify me by reply email and > permanently delete the original and any copy of this e-mail and any > printout thereof. **** > > > > **** > > ** ** > > -- > *James Rankin* > Technical Consultant (ACA, CCA, MCTS) > http://appsensebigot.blogspot.co.uk**** > -- *James Rankin* Technical Consultant (ACA, CCA, MCTS) http://appsensebigot.blogspot.co.uk
<<image001.jpg>>
