Remember the POODLE vulnerability (aka “the poodle bug”)?
Discovered last October, it’s a means by which attackers could intercept supposedly secure SSL communications between your computer and a website. For instance, if you were logging into a secure website (such as an online bank) using WiFi in a coffeeshop, a hacker sitting close by could sniff your confidential credentials as they whizz through the air.
Of course, every responsible website sprung into action - making sure that they weren’t putting their users at risk.
This server is vulnerable to the POODLE attack. If possible, disable SSL 3 to mitigate. Grade capped to C.
This server is vulnerable to the POODLE attack against TLS servers. Patching required. Grade set to F.
Six months after the world was warned about the POODLE bug, that’s pretty shocking.
Hey, banks. Do you think you could do us all a favour and take security a wee bit more seriously? Thanks.
You can learn more about the POODLE vulnerability in the following video I made: