Get Started Today!  217-475-0226

Decatur Computers Inc. Blog

Decatur Computers Inc. has been serving the Decatur area since 2001, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

20-Year-Old Exploit Finds New Life as ROBOT

20-Year-Old Exploit Finds New Life as ROBOT

There is no shortage of threats on the Internet, from situational issues to deliberate attacks meant to damage your company or steal your valuable data. While new threats pop up almost every day, some have been around for some time--so long, that many seem to not consider them as viable threats.

This can be seen in many considerably-sized Internet companies, including the likes of Facebook and PayPal, which recently tested positive for a vulnerability discovered in 1998 that enabled encrypted data to be decrypted.

When it was first discovered by researcher Daniel Bleichenbacher, this exploit was found in the secure sockets layer, or SSL, encryptions that protected (and still protect) many web platforms and websites. The algorithm that powers the RSA encryption has a flaw that permits a hacker to decrypt ciphertext without the key. The error messages that the encryption presents give hackers enough information to crack it.

As it would happen, instead of eliminating and reworking the flawed RSA algorithm, the SSL architects at the time simply created workarounds to limit the error messages.

This crypto-vulnerability, codenamed “Oracle,” provides “yes” and “no” answers to queries. This means that cybercriminals can phrase their queries specifically enough to ultimately retrieve enough information to form a detailed picture of the encrypted contents. This method is referred to as an adaptive chosen-ciphertext attack.

Recently, researchers have discovered that this vulnerability can be found on over a quarter of the 200 most-visited websites on the Internet, and on around 2.8% of the top million. Naturally, this includes Facebook and PayPal.

Researchers explained the oversight of what is now being called ROBOT, or Return Of Bleichenbacher’s Oracle Threat, as the result of too much focus being directed towards new threats, and the older ones being neglected as a result. As they said in a blog post:

“The surprising fact is that our research was very straightforward. We used minor variations of the original attack and were successful. This issue was hiding in plain sight. This means neither the vendors of the affected products nor security researchers have investigated this before, although it's a very classic and well-known attack.”

These researchers sent their findings to vulnerable sites before going public so that a patch could be created.

Having a comprehensive understanding of the threats that are poised to damage your business will greatly help you keep it secured. We can help. For more information, reach out to Decatur Computers Inc. today at 217-475-0226.

ALERT: Your Business’ Infrastructure May Be Suscep...
Tip of the Week: Don’t Let Your Old Android Device...


No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Saturday, 17 March 2018
If you'd like to register, please fill in the username, password and name fields.

Captcha Image

Mobile? Grab this Article!

Qr Code

Tag Cloud

Tip of the Week Security Privacy Best Practices Business Computing Hackers Network Security Cybersecurity IT Support Malware Google Software Backup Technology Email Small Business Managed IT Services User Tips Ransomware Business Management Android Phishing Communications IT Management Cloud Productivity Smartphone Efficiency Data Internet Windows 10 Cost Management Business Hard Drive Outsourced IT Update Data Recovery Hardware Data Security Innovation Cybercrime Gadgets Artificial Intelligence Antivirus Mobile Device Management Microsoft Websites Laptop Start Menu Law Enforcement Passwords Network Browser Computer Hacking Business Continuity Project Management Access Control Data Management Disaster Recovery Saving Money Office 365 App Windows Data Protection BDR Alert VPN Encryption Server Apps Internet of Things IT Services Facebook Bitcoin Maintenance Remote Monitoring Social Engineering Blockchain Microsoft Office SaaS Data Backup Gmail Business Technology Vulnerabilities Word Money Digital Search Collaboration Touchscreen Save Money Patch Management Scam Holiday Unified Communications Networking Budget Company Culture Redundancy Freedom of Information Spyware Knowledge Cortana HTML Printing Business Cards Software as a Service Tablet Running Cable Analytics Solid State Drive WiFi Smartphones Identity Theft News Tech Terms Virtual Assistant Telephone Systems IT Support Government How to Cabling Wireless Comparison Desktop Fake News Mobile Device Google Drive Consultant Managed IT Services Legal Downtime Virus Big Data Uninterrupted Power Supply Data Breach Managed Service Provider Google Maps Hard Drive Disposal Telephony Downloads Piracy Specifications YouTube Worker Applications Emergency Microsoft Excel email scam VoIP Samsung VoIp Software License Television Settings Cloud Computing History Unified Threat Management Mobile Security Vulnerability Cryptocurrency Audit Mobile Devices Automation Mobility Operating System Mouse Administration IBM Two-factor Authentication DDoS eWaste Time Management Corporate Profile Hosted Solutions Automobile Information Technology Managed IT Password Best Practice Multi-factor Authentication Computer Care Robot Employer-Employee Relationship Google Calendar Mobile Technology Spam Unsupported Software Device security Excel Unified Threat Management Social Media Document Management Augmented Reality Outlook SharePoint Vendor Mangement Website Disaster Tip of the week Computing Infrastructure Google Docs Virtual Reality Distributed Denial of Service Access Business Mangement Upgrades Tech Term Windows 10 Marketing Data loss Devices Compliance Regulations CrashOverride Office Users Office Tips

Latest Blog

If you’ve ever felt as though someone was watching what you were doing while you were working remotely, either at home or in public, there’s a chance that you were right. Without a private Internet connection, it is a simple matter for others to watch your processes and stea...

Latest News

Decatur Computers Inc. is proud to announce the launch of our new website at The goal of the new website is to make it easier for our existing clients to submit and manage support requests, and provide more information about our services for prospective clients.