TechRepublic

Cookie theft threat: When multi-factor authentication is not enough

Cookie theft threat: When multi-factor authentication is not enough Your email has been sent Multi-factor authentication (MFA) is a good security measure, most of the ...
9to5google

Chrome working to combat cookie theft with new web standard

Cookie theft malware steals authentication cookies to gain access to web accounts, and the Google Chrome team is proposing Device Bound Session Credentials (DBSC) to counter it. Cookies – small files ...
Bleeping Computer

PayPal files patent for new method to detect stolen cookies

PayPal has filed a patent application for a novel method that can identify when "super-cookie" is stolen, which could improve the cookie-based authentication mechanism and limit account takeover ...
Bleeping Computer

Clever phishing method bypasses MFA using Microsoft WebView2 apps

A clever, new phishing technique uses Microsoft Edge WebView2 applications to steal victim's authentication cookies, allowing threat actors to bypass multi-factor authentication when logging into ...
Computer Weekly

Growing MFA use spurs ‘pass-the-cookie’ attacks

The tried-and-true technique of using stolen session cookies to bypass multifactor authentication (MFA) protections and gain access to key systems has increased massively in recent months, according ...