Continue reading " />

SSL 3.0 Protocol Vulnerability and POODLE Attack

no_poodleEarlier this week a major security vulnerability in the SSL 3.0 Protocol was announced that is actively being exploited by an attack, code-named “POODLE”.

The SSL 3.0 Protocol (which is commonly used when browsing to a secure website using https://) is over 18 years old and is vulnerable to attack. Disabling CBC (Ciper-Block-Chaining) encryption can reduce the risk, but disabling SSL 3.0 (and replacing all secure connections with TLS instead) is the preferable remedy to block these attacks.

Scarab Media performed a vulnerability assessment and found that all of our servers are not vulnerable to this exploit due to modifications we had previously performed on our servers to mitigate the BEAST vulnerability back in 2011.  Your eCommerce websites hosted at Scarab Media are verified to already be protected against the POODLE vulnerability and nothing further needs to be done to prevent POODLE attacks on your website, or to maintain PCI-DSS Compliance.

You can read more about the POODLE Vulnerability at



Leave a Response

Please note: comment moderation is enabled and may delay your comment. There is no need to resubmit your comment.