Computerware has been serving the Vienna area since 1976, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

20-Year-Old Exploit Finds New Life as ROBOT

20-Year-Old Exploit Finds New Life as ROBOT

There is no shortage of threats on the Internet, from situational issues to deliberate attacks meant to damage your company or steal your valuable data. While new threats pop up almost every day, some have been around for some time--so long, that many seem to not consider them as viable threats.

This can be seen in many considerably-sized Internet companies, including the likes of Facebook and PayPal, which recently tested positive for a vulnerability discovered in 1998 that enabled encrypted data to be decrypted.

When it was first discovered by researcher Daniel Bleichenbacher, this exploit was found in the secure sockets layer, or SSL, encryptions that protected (and still protect) many web platforms and websites. The algorithm that powers the RSA encryption has a flaw that permits a hacker to decrypt ciphertext without the key. The error messages that the encryption presents give hackers enough information to crack it.

As it would happen, instead of eliminating and reworking the flawed RSA algorithm, the SSL architects at the time simply created workarounds to limit the error messages.

This crypto-vulnerability, codenamed “Oracle,” provides “yes” and “no” answers to queries. This means that cybercriminals can phrase their queries specifically enough to ultimately retrieve enough information to form a detailed picture of the encrypted contents. This method is referred to as an adaptive chosen-ciphertext attack.

Recently, researchers have discovered that this vulnerability can be found on over a quarter of the 200 most-visited websites on the Internet, and on around 2.8% of the top million. Naturally, this includes Facebook and PayPal.

Researchers explained the oversight of what is now being called ROBOT, or Return Of Bleichenbacher’s Oracle Threat, as the result of too much focus being directed towards new threats, and the older ones being neglected as a result. As they said in a blog post:

“The surprising fact is that our research was very straightforward. We used minor variations of the original attack and were successful. This issue was hiding in plain sight. This means neither the vendors of the affected products nor security researchers have investigated this before, although it's a very classic and well-known attack.”

These researchers sent their findings to vulnerable sites before going public so that a patch could be created.

Having a comprehensive understanding of the threats that are poised to damage your business will greatly help you keep it secured. We can help. For more information, reach out to Computerware today at (703) 821-8200.

ALERT: Your Business’ Infrastructure May Be Suscep...
Looking at the Landscape of Email Fraud


No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Saturday, 20 January 2018

Captcha Image

Mobile? Grab this Article!

QR-Code dieser Seite

Tag Cloud

Security Tip of the Week Technology Best Practices Privacy Internet Cloud Business Management Microsoft Software Hackers Managed Service Provider Business Computing Workplace Tips Productivity Backup Data Hardware Saving Money Business Malware Email IT Support IT Services Hosted Solutions Google Efficiency Quick Tips Smartphones Small Business Gadgets Network Security User Tips Mobile Devices Business Continuity Disaster Recovery Mobile Office Computer Network Virtualization Microsoft Office Server VoIP Social Media Windows 10 Mobile Device Management Miscellaneous Upgrade Unified Threat Management Android Windows Ransomware Smartphone Operating System Remote Computing Passwords Innovation Holiday Mobile Computing WiFi Vendor Management BYOD Remote Monitoring Communication Collaboration Marketing The Internet of Things Apps Facebook Users Firewall Managed IT services Analytics History Apple IT Support Alert Data Management Phishing Save Money Outsourced IT Cybersecurity Managed IT Services IT Consultant Automation Gmail Health Big data App Content Filtering Productivity Bring Your Own Device Office Hiring/Firing Tech Support Lithium-ion Battery Browser Hard Drives Outlook Managed IT communications Artificial Intelligence Virus Budget Best Practice Spam Going Green BDR Windows 8 Wireless Technology Search Printer Update Encryption Recovery Data Backup Employer-Employee Relationship Help Desk Cost Management Antivirus Maintenance Information Technology Phone System IBM Mobile Device Internet of Things Bandwidth Office 365 Money Running Cable Networking Government Risk Management Proactive IT Computers Law Enforcement It Management Hard Drive Administration Data storage Customer Service Legal Travel Education Document Management SaaS Saving Time Save Time Humor Black Market User Avoiding Downtime Business Growth Digital Payment DDoS Project Management Current Events Telephone Systems Training Comparison Excel Word PowerPoint Disaster Social Networking Cortana End of Support Password VPN Hacker Securty Twitter Solid State Drive Tablet Mobility Flexibility Two-factor Authentication iPhone Windows 10 Business Intelligence Wireless Website Computer Repair Hosted Solution Hacking Robot Fax Server Data Recovery Intranet Streaming Media Inbound Marketing Computing Infrastructure Cloud Computing Safety Specifications Hack Social Chrome Telephony Monitors Network Congestion Pain Points Router Computer Accessories User Error Cybercrime Customer Relationship Management YouTube Settings Distributed Denial of Service Augmented Reality Unified Communications Mouse Public Cloud Gaming Console Text Messaging Politics Processors Downtime Webcam USB Presentation Automobile Company Culture Scam Virtual Desktop Cryptocurrency Google Docs Laptop Net Neutrality How To Documents Programming Digital Heating/Cooling Office Tips Start Menu Co-managed IT Paperless Office Taxes Trending Retail Sports Software as a Service Access Control Bitcoin Uninterrupted Power Supply Experience Computing eWaste Lifestyle Statistics Data Security IT service Social Engineering Google Maps Compliance Patch Management Data Loss Tip of the week Corporate Profile Bluetooth In Internet of Things LiFi Application Assessment Emails Rental Service Get More Done Deep Learning Scalability Leadership Smart Phones Redundancy Evernote Data Breach Virtual Assistant Printer Server VoIP Memory Visible Light Communication Digital Signature Consultation Wi-Fi Meetings Device Management Data Warehousing Cabling Private Cloud Entertainment Audit Hard Drive Disposal Flash Administrator Advertising Google Wallet online Currency Supercomputer Windows Server 2008 Worker Displays Machine Learning Analytic Emergency Upselling Computer Care Unified Threat Management Webinar Public Speaking Drones Google Drive Banking Employer Employee Relationship Windows 7 File Sharing Licensing Vulnerability GPS Printing Fiber-Optic Electricity Language Botnet Entrepreneur Permissions HIPAA Business Managemenet Business Metrics Freedom of Information Best Practives Writing Electronic Payment switches Business Technology 3D Downloads Fraud WannaCry Computer Malfunction Ebay Recycling IP Address Microserver Time Management Chromebook News Messenger Human Resources Adminstration Google Calendar email scam Work/Life Balance Motion Sickness Pirating Information Skype Turn Key Touchscreen Download Tracking Knowledge Fake News Books Trojan IT consulting Teamwork Technology Tips Vulnerabilities Organize Content Management Web Server Cleaning Workers Storage CIO Websites Mobile Technology Microchip Tech Terms Microsoft Excel Reading Regulations PDF Windows XP Best Available Business Cards Access Video Surveillance Keyboard Society Hacks Samsung Domains Micrsooft Saving ZTime Product Reviews LinkedIn Mobile Payment Relocation G Suite Read Value Spyware Archive Identity Theft Physical Security Debate Shortcut Notifications Tablets Troubleshooting Television Harddrive Blockchain Reliable Computing Data Protection Point of Contact Staffing Sync Environment Music cache Virtual Reality CCTV Competition Upgrades Thin CLient Business Owner External Harddrive SharePoint Capital Productuvuty CrashOverride 3D Printing Piracy Software License

hp supplies medallionLarge2017