POODLE
I have been meaning to get back on the blogging horse for some time, and what better way than with a new SSL vulnerability.
POODLE was announced this morning. It's a 5/10 on the panic scale, but both users and sysadmins should take action now.
This one isn't particularly exciting compared to the recent sky-is-falling heartbleed and shellshock - instead of giving away all your secrets and/or shell access to anyone with curl, the worst-case scenario with POODLE is that someone can read your SSL traffic; still bad, but for most people running small sites it's ...