Kaspersky Daily News Podcast: POODLE SSL Attack

October 28, 2014

Disclosed in the middle of October, a new attack on the SSLv3 protocol takes advantage of a vulnerability of the protocol that enables a network attacker to recover the plaintext communications of a victim. The attack is considered easier to exploit than similar previous attacks against SSL/TLS, such as BEAST and CRIME, and can enable an attacker to retrieve a supposedly secure cookie for a given site.

Brian Donohue and Dennis Fisher talks about the attack, which is now known as POODLE and was developed by several researchers at Google, in this October 2014 special edition of the Kaspersky Daily podcast:

poodle_2Music for this podcast is by Yacht via the Free Music Archive and is licensed under Creative Commons.