Posts Tagged ‘POODLE’

Time to perform your TLS Version Check | Goodbye TLS1.0 and TLS 1.1 protocols

Wednesday, August 21st, 2019

A vulnerability named POODLE was discovered in SSL 3.0. POODLE or Padded Oracle On Downgraded Legacy Encryption that gave a blow to cloud security. Last year, Microsoft had finally taken the decision to turn off the support for all TLS protocols older than TLS 1.2 and SSL v3 last for better cloud security. A decision that was taken to protect systems against similar POODLE attacks as in the past. It wasn’t easy to get rid of TLS 1.1 and TLS 1.0 so soon, most Microsoft OS and applications had these two protocols hardcoded for a better interoperability experience. Microsoft had to face a bitter backlash as most organizations weren’t ready for the “Change” in its attempt to improve cloud security.

READ MORE →

A guide to disable SSLv3 and other weak protocols for Cloud Security

Tuesday, July 16th, 2019

Admins prefer to disable SSLv3 to ensure Cloud security as it is a major issue in the cloud computing space. Tools like IIS Crypto are used by Server administrators to disable weak ciphers and protocols. Weak protocols like TLS 1.0 SSL 2 and SSL 3 are make the cloud vulnerable to cyber-attacks. In the midst of security planning and deploying security solution, many clients opt to disable weak protocols as there step to ensure security in their cloud systems. Attacks like POODLE, GOLDENDOODLE, Bleichenbacher etc. are more popular these days and to prevent these, it is best to disable weak protocols like it is recommended to disable SSLv3.

READ MORE →