Wednesday 15 October 2014

POODLE SSLv3 Vulnerability

Bodo Möller, Thai Duong and Krzysztof Kotowicz from Google who discovered this, released a security advisory which you can find on OpenSSL website [2]. 
The Padding Oracle On Downgraded Legacy Encryption aka #POODLE vulnerability, has already a good write-up [1]. Jesper Jurcenoks explains the vulnerability on his blog [3] in a very detailed manner but at the same time, easy to understand. I am happy to see that Jesper used for his blog-post the logo I made for the poople vulnerability! :) Also, if you are thirsty for more technical details, you should also read this blog-post from ImperialViolet [4]. If you want to see some statistics on how vulnerable we are today in regards to this, you should read this article on netcraft [5]. The following post outlines the steps on how to disable SSLv3 [6]. If you wanna do a quick test and see if your browser supports SSLv3 regarding the poodle vulnerability, then you can visit: www.poodletest.comOn the other hand, www.howsmyssl.com can provide some useful information about the SSL/TLS client you used to render its page. Last but not least, if you need to a server given its domain name for this vulnerability, you may use www.poodlescan.com

CVE­-2014-­3566 has been allocated for this protocol vulnerability.

I had an idea for a logo for this vulnerability which I posted on twitter when the vulnerability came out and I would like to share it with you. We are trying to ditch SSLv3 for quite some time now, the logo had to look a little bit old style, retro and maybe vintage. Let me know what you think. ( you are free to use this logo, it would be nice if you reference it with: @drgfragkos )



Do you want to test manually?
Use this command: 
openssl s_client -connect google.com:443 -ssl3
If the handshake fails then the server doesn't support SSLv3 

Sunday 12 October 2014

Backdoors on Web Applications

There are different types of backdoors being used and deployed, depending on what kind of system/service is being targeted, how stealth it needs to be and how persistent. In this instance, we are discussing backdoors being uploaded through Web Applications to your Web Server, in order to provide access to unauthorised third-parties. 

Wednesday 1 October 2014

MasterCard Global Risk Management Conference in Ireland

I was very excited to be invited by MasterCard EU (@MasterCardEU) to participate in a discussion panel during the Global Risk Management Conference #GlobalRisk [1] which took place in Ireland this year. Sysnet (@Sysnetgs) published an article regarding the event [2] on their blog. 

A variety of talks and presentations about the security of transactions, fraud, micro-payments, biometrics and trends in CyberCrime made the conference extremely interesting. MasterCard wanted to explore the increasing scope, scale, and complexity of cyber crime impacting the industry. After the recent events regarding breaches, the latest trends, and new attack vectors that criminals are employing, it is an opportunity to discuss and share lessons learned and best practices to impede Cyber Crime.