Websites Face Severe Security Risks: SSL Labs Warns of Zombie POODLE and More
Websites using certain encryption methods face severe security risks. Labcorp has identified vulnerabilities such as Zombie POODLE, GOLDENDOODLE, 0-Length OpenSSL, and Sleeping POODLE. From May 30, 2019, these sites will receive an 'F' grade, indicating serious security issues. These vulnerabilities target websites using Cipher Block Chaining (CBC) modes with TLS 1.2, 1.1, or 1.0. Labcorp has been warning operators about these weaknesses, marking affected cipher suites in orange with the text 'WEAK'. Starting late May, Labcorp will assign an 'F' grade to operators using these vulnerable methods. This includes TLS 1.2, 1.1, and 1.0 with CBC encryption suites. While specific affected operators remain unknown, all using these methods are at risk of attacks like Zombie POODLE, GOLDENDOODLE, 0-Length OpenSSL, and Sleeping POODLE. Website operators must urgently review their security measures. If using CBC modes with TLS 1.2, 1.1, or 1.0, they should switch to safer alternatives. Failure to do so may result in an 'F' grade and potential security breaches.
