ROBOT Attack

On 12 December 2017, a research paper entitled “Return of Bleichenbacher’s Oracle Threat” (ROBOT) was made publicly available. ROBOT is the return of a 19-year-old vulnerability which, under some circumstances, may allow for traffic decryption and server identity theft (websites).

Affected systems: to date, vulnerable implementations from Cisco, Citrix, F5, Oracle, Radware and open-source projects, such as Bouncy Castle, Erlang and WolfSSL, have already been identified. Researchers have also examined Alexa’s top 100 domains and concluded that 27 of those subdomains host vulnerable websites, including popular websites, such as Facebook and Paypal. To check whether your system has been affected, take this simple test: https://robotattack.org/#check  

Recommendation:

  • Carry out a vulnerability analysis;
  • Disable TLS RSA cyphers;
  • Apply safety patches and other specific recommendations from manufacturers.

Links that provide relevant information in relation to the recent occurrence:

https://robotattack.org/ https://robotattack.org/#patches

https://robotattack.org/#check

http://www.kb.cert.org/vuls/id/144389

Vulnerability management within organisations is a complex task. Warpcom’s portfolio offers solutions that help organisations with their vulnerability management. In this context, we highlight our partnership with Tenable and its Tenable.io solutions, as well as the Tenable Security Center.

Paulo Rosa

Security & Public Safety Business Unit Manager

Related articles

Ransomware

Ransomware

On June 27th, a Ransomware campaign affected organizations in several countries: Russia, Ukraine, India, Spain,...

Ransomware

Ransomware

Over the last few days, Warpcom has been receiving several requests for information and recommendations on the recent...

Categories

BlogNew

EbooksNew

MediaNew

Warp InfoNew

Get all the Warpcom content!

Related articles