Blog Posts Tagged with "Cookies"
DEUCE: Bypassing DLP with Cookies
July 19, 2012 Added by:f8lerror
DEUCE went from simple concept to a multi-encoding and encryption DLP bypass tool. The program simply takes an input file and creates a cookie for each line. DEUCE has the ability to encrypt via AES, hash with MD5 or use a custom multi-encode with a 3 times replacement cipher...
Comments (0)
Cookies: Should We Really Like Them?
June 01, 2012 Added by:Ahmed Saleh
You should acknowledge that Cookies are widely used and can't really be avoided. If you wish to enjoy your internet surfing experience by navigating to “cookie creating websites” you should have a clear understanding of how cookies operate, and how to protect them from being abused...
Comments (0)
Will Industry Agree to a Meaningful Do Not Track?
April 27, 2012 Added by:Electronic Frontier Foundation
A coalition of companies say they "only" want to track opted-out users for security purposes, market research, testing and improving their various advertising and tracking products, auditing, copyright enforcement and other "legal compliance" purposes, not other purposes...
Comments (3)
Tangled Web: A Guide to Securing Modern Web Applications
February 26, 2012 Added by:Ben Rothke
There is no doubt that some sites use cookies as a mechanism for malicious use. But that there is nothing that makes it uniquely suited for this task, as there are many other equivalent ways to sore unique identifiers on visitor’s computes, such as cache-based tags...
Comments (0)
Google Circumvents Browser Privacy - Why We Need Do Not Track
February 26, 2012 Added by:Electronic Frontier Foundation
One way that Google can prove itself as a good actor is by providing meaningful ways for users to limit what data is collected. It’s time Google's third-party web servers start respecting Do Not Track requests, and time for Google to offer a built-in Do Not Track option...
Comments (0)
Is LinkedIn Really Secure?
February 24, 2012 Added by:Brittany Lyons
LinkedIn has faced scams and viral attacks, and users have watched private information become public without their permission. Online vulnerability is a problem, and though LinkedIn has addressed issues in a punctual manner, this does not prevent new problems from arising...
Comments (0)
Malware Infection Rates – Who Has the Most Viruses?
December 07, 2011 Added by:Dan Dieterle
A look at the top viruses for each country shows a lot of cookie based viruses. Which may or may not be real viruses, but the rates are high none the less. But how does this compare to what other vendors are finding?
Comments (0)
Cookiejacking Exploit Threatens Facebook Accounts
May 26, 2011 Added by:Headlines
"The attack exploits a vulnerability in the IE security zones feature... By embedding a special iframe tag in a malicious website, an attacker can circumvent this cross zone interaction and cause the browser to expose cookies stored on the victim's computer..."
Comments (0)
LinkedIn SSL Leaves Accounts Vulnerable to Hijacking
May 23, 2011 Added by:Headlines
"There exists multiple vulnerabilities in LinkedIn in which it handles the cookies and transmits them over SSL. This vulnerability if exploited, can result in hijacking of user accounts, and/or modifying the user information without the consent of the profile owner..."
Comments (0)
Cookies and Your Privacy: Past, Present and Future
April 24, 2011 Added by:Theresa Payton
If restrictions to cookies become common place on the internet, the Internet Advertising Bureau will be forced to make major changes to the way they obtain information about internet users. This could alter the entire structure of internet advertising as we know it today...
Comments (0)
LinkedIn Sued for Disclosing User IDs to Advertisers
March 31, 2011 Added by:Headlines
Referrer headers sent to the third parties contain a unique identifier that is associated with a cookie issued by LinkedIn. The suit maintains that this practice reveals sensitive information regarding the referring member's browsing habits and history...
Comments (0)
Are Internet Cookies Good or Bad?
February 25, 2011 Added by:Robert Siciliano
Several companies use cookies as well as other technologies, such as tokens, along with sophisticated and unique pattern matching that can only be derived from extensive and unique experiences with a shared reputation database, to identify and re-identify devices...
Comments (1)
Privacy Legal Risk Environment Shifts Again
February 01, 2011 Added by:David Navetta
Companies that handle personal information, especially those that provide online behavioral advertising services, and those that purchase or participate in such services, should consider a risk assessment of their policies, processes and activities in order to reduce legal risks...
Comments (0)
Is Truly Anonymous Web Browsing Even Possible?
January 13, 2011 Added by:Rafal Los
On one end of the argument you must concede that in order to have an acceptable user experience you must be tracked to some acceptable extent, while the other end of the argument would say that we don't want web sites, vendors and nation-states/organizations tracking us and our browsing habits...
Comments (3)
Online Privacy: Fighting for Your Eyeballs
January 06, 2011 Added by:Robert Siciliano
Most major websites now install cookies on your computer, which track what you do online. Over time, these cookies develop a profile, which becomes your digital fingerprint, to a certain extent. Microsoft, Google, Facebook, and most major newspapers, retailers, and advertisers are in on the game...
Comments (0)
The Misconceptions of Sidejacking with Firesheep
December 12, 2010 Added by:Stefan Fouant
Recent activity around a new Firefox extension developed by a pair of researchers brings the issue of session hijacking front and center. Firesheep essentially enables an attacker to grab other people's credentials and use them to gain access to various web sites...
Comments (0)
- Five Things Your InfoSec Team Should Do in the Next 30 Days
- The Disclosure Debate Continues….. (part 1,453, 769) to be Continued
- The Danger of Mixing Cyber Espionage with Cyber Warfare
- Improving Security by Failing Faster
- BYOD: Should It Be the Wave of the Future?
- Trend Micro Discovers "SafeNet" - a New Targeted Espionage Operation Online
- Managing My Company’s Security is a Nightmare
- Bridging the Cybersecurity Divide, Why Security Innovation Must Lead the Way
- The Evolution of Industrial Control System Information Sharing
- ATM Security (And Really Learning from the Past)