Bleeping Computer

Fortinet fixes critical vulnerabilities in SSL VPN and web firewall

Fortinet has fixed multiple severe vulnerabilities impacting its products. The vulnerabilities range from Remote Code Execution (RCE) to SQL Injection, to Denial of Service (DoS) and impact the ...
PC World

Critical Java updates fix 19 vulnerabilities, disable SSL 3.0

Oracle released new security updates for Java to fix 19 vulnerabilities and disable default support for SSL 3.0, an outdated version of the secure communications protocol that is vulnerable to attacks ...
Dark Reading

New Zombie 'POODLE' Attack Bred from TLS Flaw

Turns out a major design flaw discovered and patched five years ago in the old SSL 3.0 encryption protocol, which exposed secure sessions to the so-called POODLE attack, didn't really die: A ...
CRN

Browser Makers React To Google Warning On SSL 3.0

Mozilla, Microsoft and other browser makers are turning off support for a decades-old encryption protocol following an advisory from Google warning that the protocol is vulnerable to a dangerous ...
Threat Post

Microsoft Enables Removal of SSL 3.0 Fallback In IE

Microsoft has given Windows admins the option to remove the SSL 3.0 fallback from Internet Explorer. By disabling SSL 3.0, IE is no longer vulnerable to POODLE attacks. Yesterday’s Internet Explorer ...