SSL v3.0 POODLE vulnerability and how to avoid it

A new SSL vulnerability is doing the rounds this morning, known as POODLE, or Padding Oracle On Downgraded Legacy Encryption.

POODLE is a newly disclosed vulnerability in the legacy SSL 3.0 protocol that could be exposing users of newer Transport Layer Security (TLS) encryption protocols to risk.

If exploited, the POODLE flaw could potentially enable an attacker to access and read encrypted communications.

Continue reading

Spike in virus infected emails – take extra care

We’ve seen a sharp increase today in new virus variants getting through to email users due to the speed at which they’re evolving to avoid detection.

Identical messages can arrive sometimes minutes apart but already containing different variants of the virus, making it a game of cat and mouse for the security vendors to keep up.

The fake Amazon order confirmation complete with suspicious-looking ZIP file is the one we’ve heard a lot of reports about but I should stress these emails change by the minute so it’s worth just thinking twice before you click links or open anything resembling an attachment.

Continue reading