logo
logo
logo
logo
logo
logo
logo
logo
logo
logo
logo

Security Intelligence: ROBOT wakes up


Advertisements
Security Intelligence: ROBOT wakes up Today, we will look at the ROBOT attack on encrypted communications, HP's inattentive developer bug, the new ransomware in the Balkans, and at the end a positive progressive message from the North is waiting for you. We wish pleasant readings. ROBOT is attacking If we think that with HTTPS our sensitive data cannot do anything wrong on the network, let's not be so sure. This week, the ROBOT attack exploits the vulnerability that we can break through encrypted communications. There comes a strong word; vulnerability has existed for a long time and has been marked as solved for the last 19 years. The TLS protocol patch was incomplete and so 27 of the 100 most visited sites were vulnerable, including for example PayPal. However, from..

Sign up now


By registering I agree with your terms

198 tracked servers
285,120 pings / day
60 server outages today

Security Intelligence: ROBOT wakes up

Today, we will look at the ROBOT attack on encrypted communications, HP's inattentive developer bug, the new ransomware in the Balkans, and at the end a positive progressive message from the North is waiting for you. We wish pleasant readings.

ROBOT is attacking

If we think that with HTTPS our sensitive data cannot do anything wrong on the network, let's not be so sure. This week, the ROBOT attack exploits the vulnerability that we can break through encrypted communications. There comes a strong word; vulnerability has existed for a long time and has been marked as solved for the last 19 years. The TLS protocol patch was incomplete and so 27 of the 100 most visited sites were vulnerable, including for example PayPal.

However, from the first million sites were vulnerable to only 30,000 because the bug occurred in the library mostly used for expensive commercial products. If an attacker captures the transmission between the client and the vulnerable TLS server and is able to connect up to a million times in succession with the TLS server, the attacker has won and can benefit from the vulnerability. This was demonstrated by the researchers signing the test report with the HTTPS private key of the Facebook certificate (which has already been patched). You can test your own server via the web interface. However, if you do not want to wait for a queue, you can run the python script that the creators have added.

Other observations

Last week, HP released updated drivers for hundreds of its models. The main task of the update was to remove the debugging code that could be used by the attacker to "construct" the keylogger. The whole problem consisted of the code that is part of the Synaptics Touchpad driver. Security expert Michael Myng, who discovered the vulnerability, has made it clear that logging is implicitly disabled, but it can be easily changed by simply editing the registers. The whole analysis can be found on GitHub. HP has admitted the mistake, according to their comments, it is the code that the inattentive developer has forgotten here, which has not happened for the first time.

The new Spider ransomware has grown in the Balkans. Attackers give the victims 96 hours to pay. They are even given a video tutorial on how payment and subsequent data recovery takes place. Behind the encryption of documents is a malicious Office file that is attached as an attachment to phishing emails. When the malicious PowerShellu script is running, instructions for downloading the base64 malicious payload Base64 hosted on YourJavaScript.com will be displayed.

A group of engineers from Princeton University came up with a way to track the location of a mobile phone without using GPS. In the form of PinMe, they have shown that it is possible to determine the user's location from information that can be obtained without the explicit permission of the various sources of the phone. The application determines the way of movement (walking, car, train, airplane) through the time zone, the last assigned IP address and air pressure (which compares with publicly available weather information) to determine the position of the device with GPS precision.

And now something from the Internet. On Tuesday 12. 12. 2017 04:43 UTC was an interesting event due to BGPMon. A total of 80 BGP prefixes usually reported by Google, Apple, Facebook, Microsoft, Twitch NTT Communications, and Riot games had set Origin AS at 39523 (DV-LINK-AS) from Russia in the global BGP routing. One of the attractions is the autonomous system 39523 (DV-LINK-AS) has not yet sent a single announcement for several years (except for one year this year). Due to the importance and number of reported ranges, an unintentional error can almost certainly be ruled out, and most likely, it is a security incident with the intention of redirecting and gaining traffic from someone else. Altogether, this involved two attempts between 04:43 UTC and 04:46 UTC and the other started at 07:07 UTC and ended at 07:10 UTC.

Dell Securework employees warn about the vulnerability of two entry control units. The bug provides attackers with the ability to unlock or lock the door by sending an unauthorized request to vulnerable devices. These are two AMAG Technology products used in EN-1DBC and EN-2DBC. It should be noted that the devices must be at the basic settings so that an attacker can send an unauthorized request to open the door using TCP / IP.

And a positive dot at the end. Iceland's Safer Internet Center came up with an unconventional idea, urging the public to become part of a Sunday without mobile phones. The aim of this event, which took place on 26 November, was to make the public aware of the use of smart phones, especially with regard to mutual family interaction. The organizers of the event called on the public to think about whether and how mobile phones affect their own close family relationships, both in parent-child relationship and vice versa. More than 140,000 people learned about this event, according to available data. Sunday without a phone tried over 3,000 families.

SupplierPlan
Price

HDD

Bandwidth
CountryLast check
usadomains.comAdvancedINR421 UnlimitedUnlimited18s ago
Description: create cloud server, cloud based server hosting, cloud application server
DM Solutions e.K.SSD Webhosting StandardINR1,219 Unlimited25.00GBGermany Germany23s ago
Description: ruby server monitoring, gfi server monitor, wow mop private server
arvixe.comPersonal classINR264 UnlimitedUnlimitedUnited States United States37s ago
Description: cloud based server backup solutions, server monitoring tool, cloud hosted servers
IT-Service KretzschmarSpar200MINRUnlimited0.19GBGermany Germany13s ago
Description: online server monitor, dedicated server with cpanel, create a cloud server
aeserver.comUnlimitedINR450 UnlimitedUnlimitedUAE12s ago
Description: dedicated server hosting australia, cloud based server backup, server backups
Web-Service4USpar 200MINRUnlimited200 MBGermany Germany37s ago
Description: server monitor android, raid server recovery, sql server recovery
luminea IT Solutions Ltd.Reseller R3INR2,027 50000 MB19.53GBGermany Germany58s ago
Description: cloud backup services for servers, server monitoring cloud, windows server monitoring tools
VCServer Network OHGWebhosting 6.0 XXLINR1,217 Unlimited100.00GBGermany Germany41s ago
Description: exchange server monitoring, windows server recovery, server monitoring
soloweb.comBasicINR172 5GBUnlimitedMexico Mexico25s ago
Description: running wordpress on windows server, linux server monitoring, windows 2008 server backup
cyberhostpro.comHomeINR743 Unlimited3GB37s ago
Description: cloud file servers, sql server backup strategy, small business server backup solutions
SSD WebhostingFastPro SINR813 Unlimited3GBGermany Germany35s ago
Description: systems management server, windows cloud servers, cloud backup servers
AlsoISPBronze *L*INR142 Unlimited200 MBGermany Germany43s ago
Description: best server backup solution, server cloud canada, cost of cloud server
contabo.comMINR243 Unlimited50GB59s ago
Description: xen server backup, monitor windows server performance, server backup solution
pingstone.comProfessionalINR959 250GB2GBThailand Thailand59s ago
Description: back up servers, server on cloud, cloud server setup
xtreme.com.auLiteINR1,719 Unlimited5GB12s ago
Description: cloud server host, cloud server services, server disaster recovery
http://www.stable.cz/MiniINR246 Unlimited400 MBCzech Republic Czech Republic43s ago
Description: how to backup server, performance monitor windows server 2008 r2, monitoring server performance
bytebob.comProINR260 50GB15GB 33s ago
Description: online server backup solutions, monitoring server software, cloud vs server
hostbreak.comBusinessINR661 UnlimitedUnlimited38s ago
Description: server image backup, sql server backup table, cloud virtual servers
dtechghana.comEliteINR529 UnlimitedUnlimited16s ago
Description: hp server monitoring software, australian dedicated server hosting, servermonitor
thewebpower.comSecureINR595 120GB12GB44s ago
Description: server network monitoring software, windows server 2003 installation, server network monitoring
skgoldhosting.comBasicINR324 1GB10GBCANADA11s ago
Description: server backup system, online server backups, cloud based mail server
onebit.czHomeINR3,637 Unlimited5GB55s ago
Description: online server backup, windows server backup system state, cloud plex server
netfronts.comBronzeINR658 22.5GB1.5GB17s ago
Description: cloud server provider, server monitoring dashboard, simple server monitoring
hostsg.comStarter 5INR566 Unlimited5GB29s ago
Description: cloud servers reviews, server 2008 image backup, sql server with check option
windows.yohost.comSapphireINR1,322 10GB750MB35s ago
Description: cloud server costs, windows server 2003 group policy editor, best server backup
1dollarhosting.comGoldINR856 Unlimited500MB12s ago
Description: cloud backup server, datacenter server architecture, online backup servers
Luminea IT Solutions Ltd.Profi.PlusINR806 Unlimited20GBGermany Germany45s ago
Description: server backup tools, server cloud, server performance monitoring
slayhost.comWindowsINR152 25Gb10GBNigeria Nigeria47s ago
Description: web server monitoring, build a cloud server, windows server 2008 system restore



Free variant

Free

  • Non commerce
  • 1 website
  • 10 minutes interval

Basic variant

INR 1,221 / Mo

  • Pro
  • Up to 100 websites
  • 1 minute interval

Unlimited variant

INR 5,373 / Mo

  • Pro
  • Up to 1000 websites
  • 10 seconds interval

Sign up now


By registering I agree with your terms


↑ Scroll back ↑