According to an FBI memo seen by Reuters, the hacktivist group Anonymous has gained access to multiple U.S. government agencies. The report alleges that the infiltration of the U.S. government agency sites came by way of flaws in Adobe’s ColdFusion Web building software. As part of the October breach at Adobe, hackers allegedly also got access to the ColdFusion source code.
Adobe spokesperson Heather Edell told InternetNews that there is no indication from the FBI report that the U.S Government breach relates to the incident that Adobe reported on Oct. 3. Edell added that the vulnerability in question that the FBI warns is at the root of the government exploitation is ‘APSB13-03’ which was first patched by Adobe on 15 January 2013.
“While we do not have any additional information on this incident outside of published reports, the majority of attacks we see are exploiting software not up-to-date on the latest security updates,” Edell said. ” Adobe therefore strongly recommends that users install the latest security updates as the best possible defense against those with malicious intent. Customers should also apply the security configuration settings as outlined on the ColdFusion Security page as well as review the ColdFusion 10 Lockdown Guide.“