Common TLS Attacks

Because TLS protects so much traffic, attackers constantly look for weaknesses.

Most attacks try to downgrade security, strip encryption, or exploit old protocol flaws.

In a downgrade attack, an attacker interferes with the handshake to force both sides onto an older, weaker protocol or cipher.

The POODLE attack abused a forced downgrade to SSL 3.0.