POODLE Attacks The SSL and TLS Problem
|Stuart Parkerson in Mobile Guidelines Thursday, December 11, 2014|
The POODLE attack has been repurposed to attack a new SSL/TLS problem, according to Qualys’ Director of Engineering Ivan Ristic. Ristic pointed out that vulnerability what has triggered the attack to some of the most popular websites worldwide. The growth of F5 load balancers fell victim as devices have been impacted.
The repurposed attack was previously disclosed in October. Other devices are also said to be affected by the POODLE attack. For those who want to check for vulnerabilities, users should check their website by using the SSL Labs test. If the site indicates as vulnerable, users are urged to apply the patch which is provided by their vendor.
According to the Qualys SSL Pulse scan, about 10% of the servers are vulnerable to the POODLE attack against TLS. Security breaches due to vulnerabilities are common across all users and organizations. These attacks can be prevented by adhering to the measures which should be followed. The challenges still lie with slower adoption to education and learning how to deal with such attacks. Limiting risk is an important factor.
Standards in the industry ensures user confidence with such attacks. Governance and regulations are also important to businesses as they must also learn to adapt, grow and thrive under vulnerable environments. Mobile devices and websites are vulnerable as threats to these technologies and mobile devices are also impacting tools and software for both iOS and Android.
Visit https://community.qualys.com for more information about the Poodle attack.
Read more: https://community.qualys.com
Become a subscriber of App Developer Magazine for just $5.99 a month and take advantage of all these perks.
MEMBERS GET ACCESS TO
- - Exclusive content from leaders in the industry
- - Q&A articles from industry leaders
- - Tips and tricks from the most successful developers weekly
- - Monthly issues, including all 90+ back-issues since 2012
- - Event discounts and early-bird signups
- - Gain insight from top achievers in the app store
- - Learn what tools to use, what SDK's to use, and more