October 2014 brought with it a new cyber-attack method to the Internet: POODLE, the ‘Padding Oracle On Downgraded Legacy Encryption’ attack. The attack is against the SSLv3 protocol, which powers the HTTPS secure browsing system we’re all used to.
What can you do?
1. Check your browser:
https://dev.ssllabs.com/ssltest/viewMyClient.html
Then disable SSLv3 support in your browser(s):
https://scotthelme.co.uk/sslv3-goes-to-the-dogs-poodle-kills-off-protocol/
Firefox was the easiest to change. Safari has no known fix yet, and Mac Chrome requires a command line tweak to modify. Even the Chrome Canary build is still vulnerable.
2. Check to see if your web server is vulnerable:
https://www.tinfoilsecurity.com/poodle
Then ask your hosting company to disable SSLv3 on the server:
https://scotthelme.co.uk/sslv3-goes-to-the-dogs-poodle-kills-off-protocol/