Yusuf On Security
Security news, opinion and advice

POODLE

In late 2014, an attack known as POODLE came to the attention of the security world. POODLE stands for Padding Oracle On Downgraded Legacy Encryption. The attack underscored the vulnerabilities introduced when legacy protocols with weak encryption are used. In practice, Secure Sockets Layer (SSL) has been superseded by Transport Layer Security (TLS) as a means of providing secure data transmission over a public network, i.e. the Internet.
POODLE was designed to take advantage of browser communications that use SSL 3.0 to provide encryption and authentication services. The situation that allows this attack to take place occurs when a browser doesn't support TLS but does support SSL 3.0. When the browser encounters a situation where TLS is not an option, it reverts to SSL 3.0 as its encryption option. An attacker who notices this can insert themselves into the communication session and force the browser to use SSL 3.0 instead.
If an attacker successfully exploits this situation, they can then exploit a design defect in SSL 3.0 to carry the attack further. The defect allows an attacker to alter the padding at the end of each block and thus make it less secure. If the attack continues, the attacker can eventually gain access to resources and data they should not have access to.
To prevent this attack, browsers and servers should be configured so that SSL 3.0 cannot be used.
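One way to check the server side of that advice, as an added example that is not part of the original post: a small audit that reads web server configuration text and reports every protocol directive that still leaves SSL 3.0 enabled. It assumes the servers are nginx (`ssl_protocols`) or Apache mod_ssl (`SSLProtocol`), which the post does not name, and the sample configuration lines are constructed.

```python
import re

# Assumption: Apache's "all" shortcut is treated as including SSLv3, the
# conservative reading for an audit (it did on POODLE-era builds).
APACHE_ALL = {"sslv3", "tlsv1", "tlsv1.1", "tlsv1.2"}
DIRECTIVE = re.compile(r"^\s*(ssl_protocols|SSLProtocol)\s+([^;#]+)", re.IGNORECASE)

def apache_enabled(tokens):
    """Resolve SSLProtocol arguments (+name, -name, name) to the enabled set."""
    enabled = set()
    for tok in tokens:
        sign = tok[0] if tok[0] in "+-" else ""
        name = tok.lstrip("+-").lower()
        names = APACHE_ALL if name == "all" else {name}
        if sign == "-":
            enabled -= names
        elif sign == "+":
            enabled |= names
        else:                      # an unprefixed name replaces what came before
            enabled = set(names)
    return enabled

def sslv3_findings(config_text):
    """Return (line number, directive text) for each directive that leaves SSL 3.0 on."""
    findings = []
    for lineno, line in enumerate(config_text.splitlines(), start=1):
        m = DIRECTIVE.match(line)  # commented-out lines do not match
        if not m:
            continue
        tokens = m.group(2).split()
        if m.group(1).lower() == "ssl_protocols":   # nginx: plain list of protocols
            enabled = {t.lower() for t in tokens}
        else:                                       # Apache mod_ssl
            enabled = apache_enabled(tokens)
        if "sslv3" in enabled:
            findings.append((lineno, line.strip()))
    return findings

# Constructed sample configuration lines (not from any real server).
SAMPLE = """\
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_protocols TLSv1.2 TLSv1.3;
SSLProtocol all
SSLProtocol all -SSLv2 -SSLv3
# ssl_protocols SSLv3;
SSLProtocol -all +TLSv1.2
"""

if __name__ == "__main__":
    for lineno, text in sslv3_findings(SAMPLE):
        print(f"line {lineno}: SSL 3.0 still enabled -> {text}")
```

A configuration with no protocol directive at all produces no finding here, so the server's built-in default still has to be checked separately.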

Author
Yusuf