Filter Blogs expand_more
Blog add
Authors add
2 Results for 'POODLE'

By Bruce Morton

October 15, 2014

The POODLE attack (Padding Oracle On Downgraded Legacy Encryption) will allows items such as “secure” HTTP cookies or HTTP Authorization header contents to be stolen from downgraded communications. If POODLE is used against SSL 3.0, there is no workaround or corrective action that will mitigate the attack. The only solution is to stop supporting SSL 3.0. Disabling SSL 3.0 can be done either at the server or the client (e.g., browser) side. Most server administrators should consider disabling SSL 3.0.

By Stephen Demone

October 11, 2016

“Heartbleed Bug”. “Poodle”. “Sea-Surf”. “DROWN”. If these were super villain names, I wouldn’t exactly be sending in Superman to deal with these guys. But, don’t let these catchy names fool you - these are the names of serious cyber-attacks that resulted in millions of people’s data being exposed and financial information compromised. 
Page 1 of 1