You are here:Home » News » Poodle Threat Not as Menacing as 'Heartbleed, Shellshock'

Poodle Threat Not as Menacing as 'Heartbleed, Shellshock'

Poodle ThreatAccording to the Google researchers, They have uncovered a security but in widely used in web encryption technology that they say could allow hackers to take over accounts fro email, banking and other services in what they have dubbed a "Poodle" attack. 

The discovery of "Poodle", which stands for Padding Oracal On Down Loaded Legacy Encryption, promoted makers of web browsers and server software to advise users on Tuesday to disable use of the source of the security bug, an 18 year old encryption standard known as SSL 3.0

It was the third time this year that research have uncovered a  vulnerability in widely used web technology, following Aprils "Heartbleed Bug" in OpenSSl and last month's "ShellShock" bug in a piece of Unix software known as Bash. 

Security experts said that hackers could steal browser "Cookies" in "Poodle" attacks, potentially taking control of email, baking and social net-working accounts. Even so experts said the threat was not as serious as then two prior bugs. 

If ShellShock and Heartbleed were threat Level 10 then Poodle is more like a 5 or 6," Said Tal Klein, vice president with cloud security firm Adllom. 

The threat was disclosed in a search paper publised on the website of the OpenSSL project, which develops the most widely used type of SSL encryption software. 

Rumors of a bug in SLL software has been circulating in recent days, prompting some security professionals to prepare for a major new threats this week. Ivan Ristic, director of application security research with Qualys, said  "Poodle" Was not as serious as previous threats because the attack was " Quite complicated" requiring hackers to have privileged access to networks. 


Book / Newspaper

  1. RepublicaOctober 16 2014


  1. Image,


Post a Comment