Hopefully they release a security patch soon!!!
this post was submitted on 21 Nov 2023
193 points (100.0% liked)
196
16822 readers
670 users here now
Be sure to follow the rule before you head out.
Rule: You must post before you leave.
If you have any questions, feel free to contact us on our matrix channel.
founded 2 years ago
MODERATORS
Critical mainframe legacy banking software runs on Gameboy color!
Somewhere in the IT department at a major bank, a gameboy is storing the private keys
Remotely??
Via the infrared port!
No, via a special adapter that enables you to connect a GBC to a feature phone.
Somebody could send you harmful IR signals which could corrupt your Pokemon save file
(/s)
Have to patch it with a game genie
What!
How many of these devices do we have in our asset inventory? Do they have a cvss score yet? Let’s just do it ourselves with an ssvc score. Can this be exploited remotely? Call crowdstrike, tell them to get a network detection written and deployed. How long do we have before the quarterly audit? Can our soc do threat hunts against this? Get me the RTOs, RPOs, and business impact assessment. Let’s MOVE, people!