[Micronet] adobe password reset email

classic Classic list List threaded Threaded
14 messages Options
Reply | Threaded
Open this post in threaded view
|

[Micronet] adobe password reset email

Joyce Martin

Hi

Today I received an email and am not sure if it is legit or a phish.  It looks legit.  When we first received access to the Adobe Master Collection using the campus download site (years? ago), I was asked to create an Adobe password (I did). 

 

Now I have an email saying “We recently discovered that an attacker illegally entered our network and may have obtained access to your Adobe ID and encrypted password. We currently have no indication that there has been unauthorized activity on your account….”

 

Did anyone else get this email?

 

 

 

Joyce Martin

Business Systems Analyst

Facilities Services Information Technology

2000 Carleton

Berkeley, CA  94720-1380

(510) 643-1485

 

calshare links – log in like this:  CAMPUS\yourcalnetID     Password: your calnet passphrase

Joyce's Blog on Google Apps - bCal bMail Drive

FSITSupport Website

Universal Desktop User Info – Prep Info, How To’s, Discussion Board

 

 

 


 
-------------------------------------------------------------------------
The following was automatically added to this message by the list server:

To learn more about Micronet, including how to subscribe to or unsubscribe from its mailing list and how to find out about upcoming meetings, please visit the Micronet Web site:

http://micronet.berkeley.edu

Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet.  This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past.
Reply | Threaded
Open this post in threaded view
|

Re: [Micronet] adobe password reset email

John McChesney-Young
Unfortunately it's the real thing. See _inter alia_:

http://krebsonsecurity.com/2013/10/adobe-to-announce-source-code-customer-data-breach/
http://arstechnica.com/security/2013/10/adobe-source-code-and-customer-data-stolen-in-sustained-network-hack/
http://www.pcmag.com/article2/0,2817,2425215,00.asp

John

***

On Wed, Oct 9, 2013 at 4:45 PM, Joyce MARTIN <[hidden email]> wrote:

> Hi
>
> Today I received an email and am not sure if it is legit or a phish.  It
> looks legit.  When we first received access to the Adobe Master Collection
> using the campus download site (years? ago), I was asked to create an Adobe
> password (I did).
>
> Now I have an email saying “We recently discovered that an attacker
> illegally entered our network and may have obtained access to your Adobe ID
> and encrypted password. We currently have no indication that there has been
> unauthorized activity on your account….”



--
John McChesney-Young, Administrative Assistant
History of Art Department, 416 Doe MC6020
U. C. Berkeley, Berkeley CA 94720-6020
[hidden email] // voice 1-510-642-5511 // fax 1-510-643-2185

 
-------------------------------------------------------------------------
The following was automatically added to this message by the list server:

To learn more about Micronet, including how to subscribe to or unsubscribe from its mailing list and how to find out about upcoming meetings, please visit the Micronet Web site:

http://micronet.berkeley.edu

Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet.  This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past.
Reply | Threaded
Open this post in threaded view
|

Re: [Micronet] adobe password reset email

Greg Paschall-2
In reply to this post by Joyce Martin
Hi Joyce,

It's legitimate. 2.9 million Adobe customer accounts were compromized. Adobe announced it last week.

Greg

On Oct 9, 2013, at 4:45 PM, Joyce MARTIN <[hidden email]> wrote:

> Hi
> Today I received an email and am not sure if it is legit or a phish.  It looks legit.  When we first received access to the Adobe Master Collection using the campus download site (years? ago), I was asked to create an Adobe password (I did).
>  
> Now I have an email saying “We recently discovered that an attacker illegally entered our network and may have obtained access to your Adobe ID and encrypted password. We currently have no indication that there has been unauthorized activity on your account….”
>  
> Did anyone else get this email?
>  
>  
>  
> Joyce Martin
> Business Systems Analyst
> Facilities Services Information Technology
> 2000 Carleton
> Berkeley, CA  94720-1380
> (510) 643-1485
>  
> calshare links – log in like this:  CAMPUS\yourcalnetID     Password: your calnet passphrase
> Joyce's Blog on Google Apps - bCal bMail Drive
> FSITSupport Website
> Universal Desktop User Info – Prep Info, How To’s, Discussion Board
>  
>  
>  
>
> -------------------------------------------------------------------------
> The following was automatically added to this message by the list server:
>
> To learn more about Micronet, including how to subscribe to or unsubscribe from its mailing list and how to find out about upcoming meetings, please visit the Micronet Web site:
>
> http://micronet.berkeley.edu
>
> Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet.  This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past.



---
Greg Paschall -- [hidden email]
Deputy IT Officer
Space Sciences Lab - University of California, Berkeley
510-643-6907 -- 510-725-5855 (c) -- 510-643-7629 (f)





 
-------------------------------------------------------------------------
The following was automatically added to this message by the list server:

To learn more about Micronet, including how to subscribe to or unsubscribe from its mailing list and how to find out about upcoming meetings, please visit the Micronet Web site:

http://micronet.berkeley.edu

Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet.  This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past.
Reply | Threaded
Open this post in threaded view
|

Re: [Micronet] adobe password reset email

Guy D. VINSON
In reply to this post by Joyce Martin
Likely real... adobe got hacked and had about 3 million accounts compromised. I tried to use my old adobe id today and was directed to change my account password. 


Guy Vinson
Infrastructure & IT
College of Environmental Design
University of California at Berkeley
510-842-7199



On Wed, Oct 9, 2013 at 4:45 PM, Joyce MARTIN <[hidden email]> wrote:

Hi

Today I received an email and am not sure if it is legit or a phish.  It looks legit.  When we first received access to the Adobe Master Collection using the campus download site (years? ago), I was asked to create an Adobe password (I did). 

 

Now I have an email saying “We recently discovered that an attacker illegally entered our network and may have obtained access to your Adobe ID and encrypted password. We currently have no indication that there has been unauthorized activity on your account….”

 

Did anyone else get this email?

 

 

 

Joyce Martin

Business Systems Analyst

Facilities Services Information Technology

2000 Carleton

Berkeley, CA  94720-1380

(510) 643-1485

 

calshare links – log in like this:  CAMPUS\yourcalnetID     Password: your calnet passphrase

Joyce's Blog on Google Apps - bCal bMail Drive

FSITSupport Website

Universal Desktop User Info – Prep Info, How To’s, Discussion Board

 

 

 



-------------------------------------------------------------------------
The following was automatically added to this message by the list server:

To learn more about Micronet, including how to subscribe to or unsubscribe from its mailing list and how to find out about upcoming meetings, please visit the Micronet Web site:

http://micronet.berkeley.edu

Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet.  This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past.



 
-------------------------------------------------------------------------
The following was automatically added to this message by the list server:

To learn more about Micronet, including how to subscribe to or unsubscribe from its mailing list and how to find out about upcoming meetings, please visit the Micronet Web site:

http://micronet.berkeley.edu

Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet.  This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past.
Reply | Threaded
Open this post in threaded view
|

Re: [Micronet] adobe password reset email

John Torres-O'Callaghan
It's a good idea to log in Adobe on your own instead of clicking on any links in the e-mail - someone could be sending out a scam based on a real incident.


-- 
John Torres-O'Callaghan
IS&T Storage and Backup Administrator
University of California, Berkeley
[hidden email]


On Wed, Oct 9, 2013 at 4:53 PM, Guy D. VINSON <[hidden email]> wrote:
Likely real... adobe got hacked and had about 3 million accounts compromised. I tried to use my old adobe id today and was directed to change my account password. 


Guy Vinson
Infrastructure & IT
College of Environmental Design
University of California at Berkeley
510-842-7199



On Wed, Oct 9, 2013 at 4:45 PM, Joyce MARTIN <[hidden email]> wrote:

Hi

Today I received an email and am not sure if it is legit or a phish.  It looks legit.  When we first received access to the Adobe Master Collection using the campus download site (years? ago), I was asked to create an Adobe password (I did). 

 

Now I have an email saying “We recently discovered that an attacker illegally entered our network and may have obtained access to your Adobe ID and encrypted password. We currently have no indication that there has been unauthorized activity on your account….”

 

Did anyone else get this email?

 

 

 

Joyce Martin

Business Systems Analyst

Facilities Services Information Technology

2000 Carleton

Berkeley, CA  94720-1380

(510) 643-1485

 

calshare links – log in like this:  CAMPUS\yourcalnetID     Password: your calnet passphrase

Joyce's Blog on Google Apps - bCal bMail Drive

FSITSupport Website

Universal Desktop User Info – Prep Info, How To’s, Discussion Board

 

 

 



-------------------------------------------------------------------------
The following was automatically added to this message by the list server:

To learn more about Micronet, including how to subscribe to or unsubscribe from its mailing list and how to find out about upcoming meetings, please visit the Micronet Web site:

http://micronet.berkeley.edu

Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet.  This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past.




-------------------------------------------------------------------------
The following was automatically added to this message by the list server:

To learn more about Micronet, including how to subscribe to or unsubscribe from its mailing list and how to find out about upcoming meetings, please visit the Micronet Web site:

http://micronet.berkeley.edu

Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet.  This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past.



 
-------------------------------------------------------------------------
The following was automatically added to this message by the list server:

To learn more about Micronet, including how to subscribe to or unsubscribe from its mailing list and how to find out about upcoming meetings, please visit the Micronet Web site:

http://micronet.berkeley.edu

Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet.  This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past.
Reply | Threaded
Open this post in threaded view
|

Re: [Micronet] adobe password reset email

paul rivers

Yes, exactly. Thanks for pointing this out John. There's no doubt we'll
see phishes that try to masquerade as the real thing.

Paul

On 10/09/2013 04:58 PM, John Torres-O'Callaghan wrote:

> It's a good idea to log in Adobe on your own instead of clicking on any
> links in the e-mail - someone could be sending out a scam based on a
> real incident.
>
>
> --
> John Torres-O'Callaghan
> IS&T Storage and Backup Administrator
> University of California, Berkeley
> [hidden email] <mailto:[hidden email]>
>
>
> On Wed, Oct 9, 2013 at 4:53 PM, Guy D. VINSON <[hidden email]
> <mailto:[hidden email]>> wrote:
>
>     Likely real... adobe got hacked and had about 3 million accounts
>     compromised. I tried to use my old adobe id today and was directed
>     to change my account password.
>
>
>     Guy Vinson
>     Infrastructure & IT
>     College of Environmental Design
>     University of California at Berkeley
>     510-842-7199
>
>
>     On Wed, Oct 9, 2013 at 4:45 PM, Joyce MARTIN
>     <[hidden email] <mailto:[hidden email]>> wrote:
>
>         Hi
>
>         Today I received an email and am not sure if it is legit or a
>         phish.  It looks legit.  When we first received access to the
>         Adobe Master Collection using the campus download site (years?
>         ago), I was asked to create an Adobe password (I did).
>
>          
>
>         Now I have an email saying “We recently discovered that an
>         attacker illegally entered our network and may have obtained
>         access to your Adobe ID and encrypted password. We currently
>         have no indication that there has been unauthorized activity on
>         your account….”
>
>          
>
>         Did anyone else get this email?
>
>          
>
>          
>
>          
>
>         Joyce Martin
>
>         Business Systems Analyst
>
>         Facilities Services Information Technology
>
>         2000 Carleton
>
>         Berkeley, CA  94720-1380
>
>         (510) 643-1485
>
>          
>
>         calshare links – log in like this:  CAMPUS\yourcalnetID    
>         Password: your calnet passphrase
>
>         *Joyce's Blog on Google Apps - bCal bMail Drive
>         <https://calshare.berkeley.edu/sites/fs/supportservices/joycesblog/default.aspx>
>         *
>
>         *FSITSupport Website
>         <https://calshare.berkeley.edu/sites/fs/supportservices/default.aspx>*
>
>         *Universal Desktop User Info – Prep Info, How To’s, Discussion
>         Board
>         <https://calshare.berkeley.edu/sites/fs/supportservices/UnivDT/SitePages/Home.aspx>*
>
>          
>
>          
>
>          
>
>
>
>         -------------------------------------------------------------------------
>         The following was automatically added to this message by the
>         list server:
>
>         To learn more about Micronet, including how to subscribe to or
>         unsubscribe from its mailing list and how to find out about
>         upcoming meetings, please visit the Micronet Web site:
>
>         http://micronet.berkeley.edu
>
>         Messages you send to this mailing list are public and
>         world-viewable, and the list's archives can be browsed and
>         searched on the Internet.  This means these messages can be
>         viewed by (among others) your bosses, prospective employers, and
>         people who have known you in the past.
>
>
>
>
>     -------------------------------------------------------------------------
>     The following was automatically added to this message by the list
>     server:
>
>     To learn more about Micronet, including how to subscribe to or
>     unsubscribe from its mailing list and how to find out about upcoming
>     meetings, please visit the Micronet Web site:
>
>     http://micronet.berkeley.edu
>
>     Messages you send to this mailing list are public and
>     world-viewable, and the list's archives can be browsed and searched
>     on the Internet.  This means these messages can be viewed by (among
>     others) your bosses, prospective employers, and people who have
>     known you in the past.
>
>
>
>
>  
> -------------------------------------------------------------------------
> The following was automatically added to this message by the list server:
>
> To learn more about Micronet, including how to subscribe to or unsubscribe from its mailing list and how to find out about upcoming meetings, please visit the Micronet Web site:
>
> http://micronet.berkeley.edu
>
> Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet.  This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past.
>


 
-------------------------------------------------------------------------
The following was automatically added to this message by the list server:

To learn more about Micronet, including how to subscribe to or unsubscribe from its mailing list and how to find out about upcoming meetings, please visit the Micronet Web site:

http://micronet.berkeley.edu

Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet.  This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past.
Reply | Threaded
Open this post in threaded view
|

Re: [Micronet] adobe password reset email

Joyce Martin
Funny, I hadn't heard about this at all.

Thanks everyone, and great tip John!



-----Original Message-----
From: [hidden email]
[mailto:[hidden email]] On Behalf Of Paul Rivers
Sent: Wednesday, October 09, 2013 5:01 PM
To: [hidden email]
Subject: Re: [Micronet] adobe password reset email


Yes, exactly. Thanks for pointing this out John. There's no doubt we'll
see phishes that try to masquerade as the real thing.

Paul

On 10/09/2013 04:58 PM, John Torres-O'Callaghan wrote:

> It's a good idea to log in Adobe on your own instead of clicking on
> any links in the e-mail - someone could be sending out a scam based on
> a real incident.
>
>
> --
> John Torres-O'Callaghan
> IS&T Storage and Backup Administrator
> University of California, Berkeley
> [hidden email] <mailto:[hidden email]>
>
>
> On Wed, Oct 9, 2013 at 4:53 PM, Guy D. VINSON <[hidden email]
> <mailto:[hidden email]>> wrote:
>
>     Likely real... adobe got hacked and had about 3 million accounts
>     compromised. I tried to use my old adobe id today and was directed
>     to change my account password.
>
>
>     Guy Vinson
>     Infrastructure & IT
>     College of Environmental Design
>     University of California at Berkeley
>     510-842-7199
>
>
>     On Wed, Oct 9, 2013 at 4:45 PM, Joyce MARTIN
>     <[hidden email] <mailto:[hidden email]>> wrote:
>
>         Hi
>
>         Today I received an email and am not sure if it is legit or a
>         phish.  It looks legit.  When we first received access to the
>         Adobe Master Collection using the campus download site (years?
>         ago), I was asked to create an Adobe password (I did).
>
>
>
>         Now I have an email saying "We recently discovered that an
>         attacker illegally entered our network and may have obtained
>         access to your Adobe ID and encrypted password. We currently
>         have no indication that there has been unauthorized activity on
>         your account.."
>
>
>
>         Did anyone else get this email?
>
>
>
>
>
>
>
>         Joyce Martin
>
>         Business Systems Analyst
>
>         Facilities Services Information Technology
>
>         2000 Carleton
>
>         Berkeley, CA  94720-1380
>
>         (510) 643-1485
>
>
>
>         calshare links - log in like this:  CAMPUS\yourcalnetID
>         Password: your calnet passphrase
>
>         *Joyce's Blog on Google Apps - bCal bMail Drive
>
<https://calshare.berkeley.edu/sites/fs/supportservices/joycesblog/default
.aspx>

>         *
>
>         *FSITSupport Website
>
> <https://calshare.berkeley.edu/sites/fs/supportservices/default.aspx>*
>
>         *Universal Desktop User Info - Prep Info, How To's, Discussion
>         Board
>
> <https://calshare.berkeley.edu/sites/fs/supportservices/UnivDT/SitePag
> es/Home.aspx>*
>
>
>
>
>
>
>
>
>
>
-------------------------------------------------------------------------

>         The following was automatically added to this message by the
>         list server:
>
>         To learn more about Micronet, including how to subscribe to or
>         unsubscribe from its mailing list and how to find out about
>         upcoming meetings, please visit the Micronet Web site:
>
>         http://micronet.berkeley.edu
>
>         Messages you send to this mailing list are public and
>         world-viewable, and the list's archives can be browsed and
>         searched on the Internet.  This means these messages can be
>         viewed by (among others) your bosses, prospective employers, and
>         people who have known you in the past.
>
>
>
>
>
-------------------------------------------------------------------------

>     The following was automatically added to this message by the list
>     server:
>
>     To learn more about Micronet, including how to subscribe to or
>     unsubscribe from its mailing list and how to find out about upcoming
>     meetings, please visit the Micronet Web site:
>
>     http://micronet.berkeley.edu
>
>     Messages you send to this mailing list are public and
>     world-viewable, and the list's archives can be browsed and searched
>     on the Internet.  This means these messages can be viewed by (among
>     others) your bosses, prospective employers, and people who have
>     known you in the past.
>
>
>
>
>
> ----------------------------------------------------------------------
> --- The following was automatically added to this message by the list
> server:
>
> To learn more about Micronet, including how to subscribe to or
unsubscribe from its mailing list and how to find out about upcoming
meetings, please visit the Micronet Web site:
>
> http://micronet.berkeley.edu
>
> Messages you send to this mailing list are public and world-viewable,
and the list's archives can be browsed and searched on the Internet.  This
means these messages can be viewed by (among others) your bosses,
prospective employers, and people who have known you in the past.
>



-------------------------------------------------------------------------
The following was automatically added to this message by the list server:

To learn more about Micronet, including how to subscribe to or unsubscribe
from its mailing list and how to find out about upcoming meetings, please
visit the Micronet Web site:

http://micronet.berkeley.edu

Messages you send to this mailing list are public and world-viewable, and
the list's archives can be browsed and searched on the Internet.  This
means these messages can be viewed by (among others) your bosses,
prospective employers, and people who have known you in the past.

 
-------------------------------------------------------------------------
The following was automatically added to this message by the list server:

To learn more about Micronet, including how to subscribe to or unsubscribe from its mailing list and how to find out about upcoming meetings, please visit the Micronet Web site:

http://micronet.berkeley.edu

Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet.  This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past.
Reply | Threaded
Open this post in threaded view
|

Re: [Micronet] adobe password reset email

Kevin Burney
In reply to this post by Guy D. VINSON
 
-------------------------------------------------------------------------
The following was automatically added to this message by the list server:

To learn more about Micronet, including how to subscribe to or unsubscribe from its mailing list and how to find out about upcoming meetings, please visit the Micronet Web site:

http://micronet.berkeley.edu

Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet.  This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past.

smime.p7m (28K) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: [Micronet] adobe password reset email

Andrew M. Stevko


2013/10/10 Kevin Burney <[hidden email]>

-------------------------------------------------------------------------
The following was automatically added to this message by the list server:

To learn more about Micronet, including how to subscribe to or unsubscribe from its mailing list and how to find out about upcoming meetings, please visit the Micronet Web site:

http://micronet.berkeley.edu

Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet.  This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past.


 
-------------------------------------------------------------------------
The following was automatically added to this message by the list server:

To learn more about Micronet, including how to subscribe to or unsubscribe from its mailing list and how to find out about upcoming meetings, please visit the Micronet Web site:

http://micronet.berkeley.edu

Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet.  This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past.
Reply | Threaded
Open this post in threaded view
|

Re: [Micronet] adobe password reset email

Josh Kwan

As John already pointed out, it's best to manually go to the password
reset URL if you have an Adobe account. Adobe has published a FAQ
regarding the security incident here, including phishing guidance here:

http://helpx.adobe.com/x-productkb/policy-pricing/customer-alert.html

Key point at the bottom regarding phishing attempts:

'Protect yourself against non-legitimate email “phishing” attempts: If
you received an email requesting you to change your password, and you’re
concerned whether it is legitimate, don't click any links in the email.
Instead, type www.adobe.com/go/passwordreset into your browser to be
sure. How to recognize phishing attempts.'

Josh
-=-
Josh Kwan <[hidden email]>
Security Analyst
Information Security Assessments & Compliance (ISAC)
University of California, Berkeley
https://security.berkeley.edu

On 10/10/13 9:52 AM, Andrew M. Stevko wrote:

> In case you didn't hear - Adobe lost their source code too.
> http://arstechnica.com/security/2013/10/adobe-source-code-and-customer-data-stolen-in-sustained-network-hack/
>
>
> 2013/10/10 Kevin Burney <[hidden email] <mailto:[hidden email]>>
>
>
>     -------------------------------------------------------------------------
>     The following was automatically added to this message by the list
>     server:
>
>     To learn more about Micronet, including how to subscribe to or
>     unsubscribe from its mailing list and how to find out about upcoming
>     meetings, please visit the Micronet Web site:
>
>     http://micronet.berkeley.edu
>
>     Messages you send to this mailing list are public and
>     world-viewable, and the list's archives can be browsed and searched
>     on the Internet.  This means these messages can be viewed by (among
>     others) your bosses, prospective employers, and people who have
>     known you in the past.
>
>
>
>
>  
> -------------------------------------------------------------------------
> The following was automatically added to this message by the list server:
>
> To learn more about Micronet, including how to subscribe to or unsubscribe from its mailing list and how to find out about upcoming meetings, please visit the Micronet Web site:
>
> http://micronet.berkeley.edu
>
> Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet.  This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past.
>

 
-------------------------------------------------------------------------
The following was automatically added to this message by the list server:

To learn more about Micronet, including how to subscribe to or unsubscribe from its mailing list and how to find out about upcoming meetings, please visit the Micronet Web site:

http://micronet.berkeley.edu

Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet.  This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past.
Reply | Threaded
Open this post in threaded view
|

Re: [Micronet] adobe password reset email

tedcrum
In reply to this post by Andrew M. Stevko
At 09:52 AM 10/10/2013, Andrew M. Stevko wrote:
>In case you didn't hear - Adobe lost their source code too.
><http://arstechnica.com/security/2013/10/adobe-source-code-and-customer-data-stolen-in-sustained-network-hack/>http://arstechnica.com/security/2013/10/adobe-source-code-and-customer-data-stolen-in-sustained-network-hack/

I hope it wasn't commented.

-tc


 
-------------------------------------------------------------------------
The following was automatically added to this message by the list server:

To learn more about Micronet, including how to subscribe to or unsubscribe from its mailing list and how to find out about upcoming meetings, please visit the Micronet Web site:

http://micronet.berkeley.edu

Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet.  This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past.
Reply | Threaded
Open this post in threaded view
|

Re: [Micronet] adobe password reset email

Lisa Ho
In reply to this post by Josh Kwan
This incident comes just in time to tie in with our October National Cyber Security Month anti-phishing campaign. (I didn't see orchestrating a major password compromise on the communication plan, but good work arranging it, Tanya!) 

I hope you all read this and last week's messages from Larry ("Passwords in Email = Epic Fail" and "If You Didn't Expect It, Reject It"). Tips for the upcoming weeks are also spot on target for this incident: checking the link target before you click on it, validating the URL before you enter your credentials, and checking with Consult or CSS-IT if you're still unsure.  Please print out and post fliers for your department to help spread the word. (security.berkeley.edu/phishing) We are also printing up postcards and posters. Let Erika Donald ([hidden email]) know if you are willing to help distribute materials in your department / area.

Thanks!
Lisa

-- 

Lisa Ho
IT Policy Manager
University of California, Berkeley


On Thu, Oct 10, 2013 at 10:02 AM, Josh Kwan <[hidden email]> wrote:

As John already pointed out, it's best to manually go to the password
reset URL if you have an Adobe account. Adobe has published a FAQ
regarding the security incident here, including phishing guidance here:

http://helpx.adobe.com/x-productkb/policy-pricing/customer-alert.html

Key point at the bottom regarding phishing attempts:

'Protect yourself against non-legitimate email “phishing” attempts: If
you received an email requesting you to change your password, and you’re
concerned whether it is legitimate, don't click any links in the email.
Instead, type www.adobe.com/go/passwordreset into your browser to be
sure. How to recognize phishing attempts.'

Josh
-=-
Josh Kwan <[hidden email]>
Security Analyst
Information Security Assessments & Compliance (ISAC)
University of California, Berkeley
https://security.berkeley.edu

 
-------------------------------------------------------------------------
The following was automatically added to this message by the list server:

To learn more about Micronet, including how to subscribe to or unsubscribe from its mailing list and how to find out about upcoming meetings, please visit the Micronet Web site:

http://micronet.berkeley.edu

Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet.  This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past.
Reply | Threaded
Open this post in threaded view
|

Re: [Micronet] adobe password reset email

Robert L. Muzzy

I hope you all read this and last week's messages from Larry ("Passwords in Email = Epic Fail" and "If You Didn't Expect It, Reject It").

 

Having not expected them, I deleted them unopened…

 

Bob Muzzy

Student Affairs IT

UC Berkeley

510-643-0815

 

From: [hidden email] [mailto:[hidden email]] On Behalf Of Lisa Carol Ho
Sent: Thursday, October 10, 2013 10:53 AM
To: List Micronet
Subject: Re: [Micronet] adobe password reset email

 

This incident comes just in time to tie in with our October National Cyber Security Month anti-phishing campaign. (I didn't see orchestrating a major password compromise on the communication plan, but good work arranging it, Tanya!) 

 

I hope you all read this and last week's messages from Larry ("Passwords in Email = Epic Fail" and "If You Didn't Expect It, Reject It"). Tips for the upcoming weeks are also spot on target for this incident: checking the link target before you click on it, validating the URL before you enter your credentials, and checking with Consult or CSS-IT if you're still unsure.  Please print out and post fliers for your department to help spread the word. (security.berkeley.edu/phishing) We are also printing up postcards and posters. Let Erika Donald ([hidden email]) know if you are willing to help distribute materials in your department / area.

 

Thanks!

Lisa

 

-- 

 

Lisa Ho

IT Policy Manager

University of California, Berkeley

 

 

On Thu, Oct 10, 2013 at 10:02 AM, Josh Kwan <[hidden email]> wrote:


As John already pointed out, it's best to manually go to the password
reset URL if you have an Adobe account. Adobe has published a FAQ
regarding the security incident here, including phishing guidance here:

http://helpx.adobe.com/x-productkb/policy-pricing/customer-alert.html

Key point at the bottom regarding phishing attempts:

'Protect yourself against non-legitimate email “phishing” attempts: If
you received an email requesting you to change your password, and you’re
concerned whether it is legitimate, don't click any links in the email.
Instead, type www.adobe.com/go/passwordreset into your browser to be
sure. How to recognize phishing attempts.'

Josh
-=-
Josh Kwan <[hidden email]>
Security Analyst
Information Security Assessments & Compliance (ISAC)
University of California, Berkeley
https://security.berkeley.edu


 
-------------------------------------------------------------------------
The following was automatically added to this message by the list server:

To learn more about Micronet, including how to subscribe to or unsubscribe from its mailing list and how to find out about upcoming meetings, please visit the Micronet Web site:

http://micronet.berkeley.edu

Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet.  This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past.
Reply | Threaded
Open this post in threaded view
|

Re: [Micronet] adobe password reset email

Lisa Ho
Ah, well, you can read the next 3 then, now that you're expecting them!

Lisa


On Thu, Oct 10, 2013 at 10:58 AM, Robert L. Muzzy <[hidden email]> wrote:

I hope you all read this and last week's messages from Larry ("Passwords in Email = Epic Fail" and "If You Didn't Expect It, Reject It").

 

Having not expected them, I deleted them unopened…

 

Bob Muzzy

Student Affairs IT

UC Berkeley

510-643-0815


 
-------------------------------------------------------------------------
The following was automatically added to this message by the list server:

To learn more about Micronet, including how to subscribe to or unsubscribe from its mailing list and how to find out about upcoming meetings, please visit the Micronet Web site:

http://micronet.berkeley.edu

Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet.  This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past.