Poodle Vulnerability 

Padding Oracle On Downgraded Legacy Encryption (POODLE)

The poodle vulnerability has been around as an exploit since 2014.It led to an attack which led to completely disabling SSL 3.0 on the client and server-side to prevent hackers from making use of this man-in-the-middle attack. 2014 also brought us Heartbleed bug, BERserk, and FREAK exploits. That might seem like ancient history in cybersecurity. But history has a freaky way of repeating itself.poodle anime

In 2016 the DROWN attack took advantage of support for SSLv2 protocol and exposed the weakness in more than 81,000 of the top 1 million most popular websites.  As we get closer to 2017, the odds are increasing that the number of exploits will continue to rise.

Krebs is usually a good source of the most up to date info. But it remains a race, and I’m not always sure we’re winning.  http://krebsonsecurity.com/

Poodle in the Park

Black standard poodle

In the meantime, here’s some pictures of poodles to lighten the mood! This is Cleaver Black – destroyer of dragons (blue stuffed ones).

Sleepy Poodle

Let Sleeping Poodles Lie

Poodle in the park

Happy poodle

 

Portrait of a young poodle

Portrait of a young poodle

Cleaver - Destroyer of (toy) dragons

Cleaver – Destroyer of (toy) dragons