Get Started Today!  217-475-0226

Decatur Computers Inc. Blog

Decatur Computers Inc. has been serving the Decatur area since 2001, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

20-Year-Old Exploit Finds New Life as ROBOT

20-Year-Old Exploit Finds New Life as ROBOT

There is no shortage of threats on the Internet, from situational issues to deliberate attacks meant to damage your company or steal your valuable data. While new threats pop up almost every day, some have been around for some time--so long, that many seem to not consider them as viable threats.

This can be seen in many considerably-sized Internet companies, including the likes of Facebook and PayPal, which recently tested positive for a vulnerability discovered in 1998 that enabled encrypted data to be decrypted.

When it was first discovered by researcher Daniel Bleichenbacher, this exploit was found in the secure sockets layer, or SSL, encryptions that protected (and still protect) many web platforms and websites. The algorithm that powers the RSA encryption has a flaw that permits a hacker to decrypt ciphertext without the key. The error messages that the encryption presents give hackers enough information to crack it.

As it would happen, instead of eliminating and reworking the flawed RSA algorithm, the SSL architects at the time simply created workarounds to limit the error messages.

This crypto-vulnerability, codenamed “Oracle,” provides “yes” and “no” answers to queries. This means that cybercriminals can phrase their queries specifically enough to ultimately retrieve enough information to form a detailed picture of the encrypted contents. This method is referred to as an adaptive chosen-ciphertext attack.

Recently, researchers have discovered that this vulnerability can be found on over a quarter of the 200 most-visited websites on the Internet, and on around 2.8% of the top million. Naturally, this includes Facebook and PayPal.

Researchers explained the oversight of what is now being called ROBOT, or Return Of Bleichenbacher’s Oracle Threat, as the result of too much focus being directed towards new threats, and the older ones being neglected as a result. As they said in a blog post:

“The surprising fact is that our research was very straightforward. We used minor variations of the original attack and were successful. This issue was hiding in plain sight. This means neither the vendors of the affected products nor security researchers have investigated this before, although it's a very classic and well-known attack.”

These researchers sent their findings to vulnerable sites before going public so that a patch could be created.

Having a comprehensive understanding of the threats that are poised to damage your business will greatly help you keep it secured. We can help. For more information, reach out to Decatur Computers Inc. today at 217-475-0226.

ALERT: Your Business’ Infrastructure May Be Suscep...
Tip of the Week: Don’t Let Your Old Android Device...
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Sunday, June 24 2018
If you'd like to register, please fill in the username, password and name fields.

Captcha Image

Mobile? Grab this Article!

Qr Code

Tag Cloud

Tip of the Week Security Best Practices Privacy Network Security Technology Business Computing Hackers IT Support Android Tech Term Cybersecurity Business Management Malware User Tips Internet Google Smartphone Managed IT Services Ransomware Software Backup Email Small Business Data Windows 10 Data Recovery Innovation Artificial Intelligence Productivity Phishing IT Management Communications Business Cost Management Cloud Cybercrime Efficiency Data Backup Business Technology Mobile Device Management Collaboration Patch Management Network Computer Outsourced IT Hard Drive Update Managed IT Services Saving Money Data Security Encryption App Hardware IT Services Antivirus Blockchain Gadgets Gmail Word Digital Document Management Vulnerabilities SaaS Money Scam Search Bandwidth Social Media Websites Laptop Touchscreen Save Money Holiday Smartphones Microsoft Tech Terms Start Menu Law Enforcement Passwords Business Continuity Browser Data loss Project Management Hacking Access Control Mobile Device Data Management Data Breach Office 365 Windows Disaster Recovery Applications VPN Server Data Protection BDR Alert Operating System Facebook Internet of Things Maintenance Automation Remote Monitoring Bitcoin Apps Social Engineering Microsoft Office Spam Nanotechnology Mobile Technology Unified Threat Management Best Practice Going Green Employer-Employee Relationship Tactics Device security Excel Outlook Disaster Vendor Mangement Startup Download Augmented Reality SharePoint Unsupported Software Access Addiction Website Google Docs Tip of the week Computing Infrastructure Business Mangement Upload Screen Reader Virtual Reality Unified Communications Distributed Denial of Service Spyware Machine Learning Budget Redundancy Networking Knowledge Legislation Trends Communication Company Culture Printing Freedom of Information Software as a Service Tablet Upgrades Analytics HTML Cortana Business Cards Virtualization Gamification Conferencing Identity Theft Government News How to Running Cable Comparison Virtual Assistant Google Drive Solid State Drive WiFi Apple Chromebook Desktop Legal Fake News Virus Telephone Systems Big Data Cabling IT Support Devices Managed Service Provider Downtime Google Maps Telephony Wireless Emails Consultant Content Backup and Disaster Recovery Downloads YouTube Compliance Hard Drive Disposal Emergency Piracy Specifications VoIP Uninterrupted Power Supply Bluetooth VoIp Microsoft Excel Settings Worker Regulations email scam Vulnerability Software License Audit Television Wireless Headphones Printer Mobile Security Mobility Cryptocurrency Administration Cloud Computing Samsung Accountants Mobile Devices DDoS Cleaning Mouse Time Management History Corporate Profile Unified Threat Management Network Management Paperless Office Two-factor Authentication Managed IT eWaste Password Training Computers Information Technology Computer Care IBM Service Level Agreement Hosted Solutions Database Automobile Multi-factor Authentication Google Calendar Robot Equifax Office Users Multi-Factor Security Office Tips Windows 10 Marketing Managing Stress BYOD Twitter CrashOverride

Latest Blog

IT support is one of the most important parts of any modern business simply because it’s just not feasible to run a business without any form of technology at its core. For example, most businesses rely on email and other forms of communication, whereas stores might require ...

Latest News

Decatur Computers Inc. is proud to announce the launch of our new website at http://www.decaturcomputers.com. The goal of the new website is to make it easier for our existing clients to submit and manage support requests, and provide more information about our services for prospective clients.