#sessioncookies — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #sessioncookies, aggregated by home.social.
-
Mashable: Tired of cookie consent pop-ups? You soon may see less of them.. “The European Commission is currently looking into relaxing a 2009 EU law that has inadvertently led to the endless cookie consent pop-ups around the web. The law, called the e-Privacy Directive, requires websites to request consent from users before loading cookies on their computer or mobile device.”
-
Mashable: Tired of cookie consent pop-ups? You soon may see less of them.. “The European Commission is currently looking into relaxing a 2009 EU law that has inadvertently led to the endless cookie consent pop-ups around the web. The law, called the e-Privacy Directive, requires websites to request consent from users before loading cookies on their computer or mobile device.”
-
Mashable: Tired of cookie consent pop-ups? You soon may see less of them.. “The European Commission is currently looking into relaxing a 2009 EU law that has inadvertently led to the endless cookie consent pop-ups around the web. The law, called the e-Privacy Directive, requires websites to request consent from users before loading cookies on their computer or mobile device.”
-
Mashable: Tired of cookie consent pop-ups? You soon may see less of them.. “The European Commission is currently looking into relaxing a 2009 EU law that has inadvertently led to the endless cookie consent pop-ups around the web. The law, called the e-Privacy Directive, requires websites to request consent from users before loading cookies on their computer or mobile device.”
-
Mashable: Tired of cookie consent pop-ups? You soon may see less of them.. “The European Commission is currently looking into relaxing a 2009 EU law that has inadvertently led to the endless cookie consent pop-ups around the web. The law, called the e-Privacy Directive, requires websites to request consent from users before loading cookies on their computer or mobile device.”
-
What does it mean to ‘accept’ or ‘reject’ all cookies, and which should I choose?
-
A seemingly harmless Chrome extension can now hijack your digital keys—stealing Azure session cookies and bypassing MFA. Curious how this stealthy Cookie-Bite attack works and what you can do to stay secure?
https://thedefendopsdiaries.com/understanding-and-mitigating-the-cookie-bite-attack/
#cookiebiteattack
#azuresecurity
#sessioncookies
#cyberthreats
#microsoft365security -
A seemingly harmless Chrome extension can now hijack your digital keys—stealing Azure session cookies and bypassing MFA. Curious how this stealthy Cookie-Bite attack works and what you can do to stay secure?
https://thedefendopsdiaries.com/understanding-and-mitigating-the-cookie-bite-attack/
#cookiebiteattack
#azuresecurity
#sessioncookies
#cyberthreats
#microsoft365security -
Warning: Hackers could take over your email account by stealing cookies, even if you have MFA https://www.malwarebytes.com/blog/news/2024/11/warning-hackers-could-take-over-your-email-account-by-stealing-cookies-even-if-you-have-mfa #sessioncookies #emailaccounts #rememberme #Threats #News
-
Google fighting back against session hijackers: stolen cookies to be worthless
https://cybernews.com/tech/google-fighting-against-session-hijackers-cookies/ #cybersecurity #gmail #youtube #sessioncookies -
@11110110101 @heiseonline
Wenn ich das Original (https://www.cloudsek.com/blog/compromising-google-accounts-malwares-exploiting-undocumented-oauth2-functionality-for-session-hijacking) richtig lese, besteht das Problem nur für schon geknackt Accounts. Vermutlich hilft MFA, damit es gar nicht so weit kommt?Sonst:
"If you suspect your account may have been compromised, or as a general precaution, sign out of all browser profiles to invalidate the current session tokens. Following this, reset your password and sign back in to generate new tokens." -
Sneak peek at the new
ronin-web session-cookiecommand coming in ronin-web-1.1.0:$ ./bin/ronin-web session-cookie "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c"
{
"sub": "1234567890",
"name": "John Doe",
"iat": 1516239022
}
$ ./bin/ronin-web session-cookie --verbose "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c"
Type: JWT
Header:
{
"alg": "HS256",
"typ": "JWT"
}
Params:
{
"sub": "1234567890",
"name": "John Doe",
"iat": 1516239022
}
HMAC: "I\xf9J\xc7\x04IH\xc7\x8a(\\\x90O\x87\xf0\xa4\xc7\x89\x7f~\x8f:N\xb2%V\x9dB\xcb0\xe5" -
Bugcrowd tries to muzzle hacker who found Netflix account compromise weakness - Enlarge
A Netflix security weakness that allows unauthorized access to user accounts over local ... more: https://arstechnica.com/?p=1661520 #accountcompromise #sessioncookies #netflix #biz&it #https #http -
HackerOne breach lets outside hacker read customers’ private bug reports - Enlarge (credit: blogtrepreneur.com/tech)
As a leading vulnerability reporting platform, HackerOn... more: https://arstechnica.com/?p=1627495 #accounttakeover #sessioncookies #databreach #hackerone #biz&it