Kaspersky Daily News Podcast: Poodle Attack

Brian Donohue and Dennis Fisher talk about a new attack on the SSL protocol, which is now known as POODLE.

Disclosed in the middle of October, a new attack on the SSLv3 protocol takes advantage of a vulnerability of the protocol that enables a network attacker to recover the plaintext communications of a victim. The attack is considered easier to exploit than similar previous attacks against SSL/TLS, such as BEAST and CRIME, and can enable an attacker to retrieve a supposedly secure cookie for a given site.

Brian Donohue and Dennis Fisher talks about the attack, which is now known as POODLE and was developed by several researchers at Google, in this October 2014 special edition of the Kaspersky Daily podcast:

poodle_2

Tips