The Long Tail of ColdFusion Fail

ronjor · Mar 17, 2014

Earlier this month, I published a story about a criminal hacking gang using Adobe ColdFusion vulnerabilities to build a botnet of hacked e-commerce sites that were milked for customer credit card data. Today’s post examines the impact that this botnet has had on several businesses, as well as the important and costly lessons these companies learned from the intrusions.
Click to expand...

http://krebsonsecurity.com/2014/03/the-long-tail-of-coldfusion-fail/

Dermot7 · Mar 18, 2014

ColdFusion Botnet Connection?
Click to expand...

http://blog.spiderlabs.com/2014/03/coldfusion-admin-compromise-analysis-cve-2010-2861.html

Dermot7 · Apr 15, 2014

High quality digital storage manufacturer LaCie has suffered a data breach. The company says cybercriminals used a piece of malware to steal information on transactions made through the LaCie website.
According to an incident notification posted on the company’s website, the hackers could have obtained usernames, passwords, names, addresses, email addresses, credit and debit card numbers and card expiration dates.

A forensic investigation firm has been called in to analyze the breach. All individuals who made transactions on the LaCie website between March 27, 2013, and March 10, 2014 are impacted.
Click to expand...

http://news.softpedia.com/news/Digital-Storage-Company-LaCie-Hacked-437753.shtml

Dermot7 · Apr 15, 2014

Computer hard drive maker LaCie has acknowledged that a hacker break-in at its online store exposed credit card numbers and contact information on customers for the better part of the past year. The disclosure comes almost a month after the breach was first disclosed by KrebsOnSecurity.
Click to expand...

Hardware Giant LaCie Acknowledges Year-Long Credit Card Breach — Krebs on Security

Could this be merged into the earlier ColdFusion thread, please? The Long Tail of ColdFusion Fail | Wilders Security Forums

siljaline · Apr 16, 2014

Based on the thread synopsis - one could have missed this pertains to LaCie

#JustSaying

Dermot7 · Apr 16, 2014

The malware involved in the breach at LaCie is different, and is actually part of a massive botnet that leverages a vulnerability present in outdated versions of a web application platform called Adobe Coldfusion, a platform that many website proprietors use.
Click to expand...

LaCie Data Breach – Part of a Larger Malware Trend | Emsisoft Blog

siljaline · Apr 16, 2014

LaCie admits to year-long credit card breach
French hardware company, now a Seagate subsidiary, says virtually everyone who shopped on LaCie's Web site in the last year is at risk.

LaCie is the latest major retailer and tech company finding itself to be the target of a major security breach by unknown assailants.

The French hardware company confirmed in a statement on Tuesday that malware successfully made its way through to access sensitive customer information stemming from transactions on its website.

Here's where things get really bad: Virtually everyone who shopped on LaCie's website in the last year is at risk.

LaCie, which is set to merge with American hard drive maker Seagate, said it was informed about the breach on March 19, 2014 by the FBI.
Click to expand...

http://www.cnet.com/news/lacie-admits-to-year-long-credit-card-breach/

siljaline · Apr 16, 2014

Hardware giant LaCie: We’ve been leaking credit card data for a year, thanks to Adobe

French hardware company LaCie, which advertises its products as secure data storage, is the latest hacker-breached company — and this one’s a doozie.

The hard drive maker this week confessed to a year-long credit card breach at its online store. LaCie, owned by Seagate, said in an advisory that an unauthorized party may have gained access to customers’ credit card numbers and expiration dates as well as names, emails, and addresses for all transactions between March 27, 2013, and March 10, 2014.
Click to expand...

http://venturebeat.com/2014/04/16/h...-credit-card-data-for-a-year-thanks-to-adobe/

Log in or Sign up

The Long Tail of ColdFusion Fail

ronjor Global Moderator

Dermot7 Registered Member

Dermot7 Registered Member

Dermot7 Registered Member

siljaline Registered Member

Dermot7 Registered Member

siljaline Registered Member

siljaline Registered Member

Log in or Sign up

The Long Tail of ColdFusion Fail

ronjor Global Moderator

Dermot7 Registered Member

Dermot7 Registered Member

Dermot7 Registered Member

siljaline Registered Member

Dermot7 Registered Member

siljaline Registered Member

siljaline Registered Member

Useful Searches