Newly-discovered Security Bug has Gone to the Dogs

Newly-discovered Security Bug has Gone to the Dogs

Newly-discovered Security Bug has Gone to the DogsAll this time, when I thought of the word “poodle,” I imagined white mounds of curly hair, two pink bows, one in each ear, and a cotton-ball tail…not anymore. Thanks to the newly-discovered “Poodle” attack, a security bug used in encryption technology that can allow attackers to take over accounts including email, banking and other services, now the word “poodle” conjures up images of a cyber Cujo.

After discovering Padding Oracle On Downloaded Legacy Encryption, or Poodle, web browser and server software creators are advising users to disable an 18-year old encryption standard – SSL 3.0. This is because security experts are saying that attackers can use Poodle to steal browser cookies (That's what I call Mollie’s dog treats: “cookies.” Lots of dog references with this bug...and it's not even a flea or tick!)

Supposedly Poodle isn’t as serious as Heartbleed or Shellshock because these required hackers to have privileged access to networks. Nevertheless, with Poodle, SSL 3.0 is no longer secure, prompting browsers, such as Mozilla, to disable it in their next version of Firefox, scheduled to be released on November 25 (just in time for Cyber Monday, might I add).

About the Author

Ginger Hill is Group Social Media Manager.

Digital Edition

  • Security Today Magazine - October 2020

    October 2020

    Featuring:

    • No Touch, Low Touch
    • Going the Distance
    • Accelerating Security
    • Bringing Rapid Identification
    • Shifting Strategies

    View This Issue

  • Environmental Protection
  • Occupational Health & Safety
  • Infrastructure Solutions Group
  • Spaces4Learning
  • Campus Security & Life Safety