ADVERTISEMENT

30% of top online shopping domains are vulnerable to BEAST SSL attack

30% of eshops are vulnerable to known threats
Edvardas Mikalauskas
Edvardas Mikalauskas Senior Researcher
Nov 24, 2020 Updated: 24 February 2023 4 min read

About this investigation

The good news: Most online shopping servers have good SSL configurations

SSL-configuration
Naturally, A+ is what every server owner should aim for.

The bad news: Online shopping servers susceptible to BEAST, POODLE, and DROWN vulnerabilities

ADVERTISEMENT
Unfortunately, it seems that even good SSL server ratings don’t make web servers impervious to certain common vulnerabilities.
  • 29.5% of web servers are vulnerable to the BEAST attack
  • 0.6% of web servers are susceptible to the POODLE attack
  • 0.08% of web servers have the DROWN vulnerability
It appears that the BEAST attack is still a threat, which is a phrase we didn’t think we’d be uttering in 2020.
How can these websites fix the BEAST vulnerability? By simply disabling TLS 1.0.

Lingering superbugs

More from CyberNews

ADVERTISEMENT