POODLE Attacks? That is the unlikely term for a serious threat to Internet users. Google has recently revealed that criminal hackers have identified a way, under certain circumstances, to force a client and server establishing a secured connection to use the outdated SSL 3.0 protocol.
Hackers can exploit flaws in SSL 3.0 to intercept the messaging between the client (browser) and the server and “listen” to the conversation. This is called a “man-in-the-middle” attacks. Criminal hackers frequently use man-in-the-middle attacks to steal users login credentials and account information for banking and financial sites.
During the attack, the victim may have no idea that something is wrong. They just check their account later and may have a very unpleasant surprise.
This can effect both Windows and Mac users.
You are not vulnerable if either your browser or the server you are connecting to has SSL 3.0 turned off.
The good news is that newer browsers have SSL 3.0 turned off by default, protecting you from this scenario. If you are not sure if your browser is vulnerable go to http://poodletest.com. If you see a cute terrier on the page you are safe. However, if you see a poodle you need to take action!
To disable SSL 3.0 on Internet Explorer 9, do the following:
1) Select Tools (Alt+X)
2) Select “Internet Options”
3) Select the “Advanced” tab
4) In the Security group, uncheck “Use SSL 3.0″
The procedure will be similar on other browsers, but you may need to check the help system.
Although the solution is simple, the threat is extremely dangerous. You could become the victim of identity theft and financial fraud or your computer could be infected with dangerous malware.
Act now! Install a virus protection security suite that could benefit the user in malware or virus scanning so as to protect the system from malicious threats to the fullest.