No, I’m not joking around. It’s real. You may be familiar with bugs known as Heartbleed and Shellshock, which I’ve addressed them in earlier BLOG posts. But now, it’s time that you be made aware of a new bug called POODLE (Padding Oracle On Downgraded Legacy Encryption). Simply put, POODLE allows hackers to access and steal information on encrypted connections.
It is important to note that this is NOT a flaw in SSL certificates, their private keys, or their design but in the old SSLv3 protocol. The bug hijacks pieces of information by using this outdated web communication protocol, leaving systems susceptible to information theft. It’s not believed to be as serious as the Heartbleed bug in OpenSSL, since the attacker needs to have a privileged position in the network to exploit the latest. The usage of Hotspots, public Wi-Fi, does make this attack a real problem. This type of attack falls into the “Man-in-the-middle” category.
How Do They Do It?
Did you ever wonder why you don’t have to log into your e-mail account each time you use it? This is because your browser has a cookie installed which lets your e-mail know that you are who you claim to be. While this is convenient, it can present a problem. If a hacker tricked you into connecting to a bogus wireless hotspot, for example, this bug could allow them to steal a cookie from your computer. This would give hackers a chance to steal enough information from a web connection that they that they would then be able to steal your cookies and effectively pretend to be you.
When POODLE emerged earlier this year, security officials got to work and quickly patched many of the sites that were most vulnerable. Unfortunately, it seems, the experts did not go far enough. The bug formerly attacked an outdated version of SSL (Secure Socket Layer), which is no longer used on modern browsers, but is around due to some older sites, which still require it. Another newer layer of security called TLS (Transport Layer Security) has now been found to also be susceptible to POODLE and a fix has yet to be implemented. By the way, some banks are susceptible to the new iteration of this bug.
There are ways to keep your browser safe and to find out whether or not you’re at high risk for such bugs. BizTek Connection wants to make sure you’re doing everything you can to keep your company’s web presence and security safe. For more information, contact us via phone at 501-542-4241 or email at info@BizTekConnection.com