Firefox kills the Battery Status ‘super cookie’
What is the Battery Status API good for? Besides tracking you online that is.
Naked Security – Sophos
Tag Archive for: cookie
iOS cookie theft bug allowed hackers to impersonate users
Apple has squashed a bug in its iOS operating system that made it possible for hackers to impersonate end users who connect to websites that use unencrypted authentication cookies.
The vulnerability was the result of a cookie store iOS shared between the Safari browser and a separate embedded browser used to negotiate “captive portals” that are displayed by many Wi-Fi networks when a user is first joining. Captive portals generally require people to authenticate themselves or agree to terms of service before they can gain access to the network.
According to a blog post published by Israeli security firm Skycure, the shared resource made it possible for hackers to create a booby-trapped captive portal and associate it with a Wi-Fi network. When someone with a vulnerable iPhone or iPad connected, it could steal virtually any HTTP cookie stored on the device. Skycure researchers wrote:
Misfortune Cookie Takes Bite Out of Internet Security – Tom’s Guide
|
Misfortune Cookie Takes Bite Out of Internet Security
Tom’s Guide This cookie wants to take a bite out of you: A serious security flaw called Misfortune Cookie affects more than 12 million routers, modems and other "gateway devices" — as well as all the devices connected to them, from computers, smartphones and … |
Chase, American Express, Office 365 vulnerable to cookie replay attacks
You are Bob. I am Alice. Although we can’t see them, two others – Eve and Mallory – are reading over our shoulders. Eve is feeling evil and Mallory is full of malicious intent. Both Bob and Alice have accounts with financial services we access via the Internet.
Ms. Smith’s blog