In a chilling development on the cybersecurity front, a potent new malware strain has emerged, employing an unconventional tactic to infiltrate Google accounts. This intricate risk leverages cookies, typically used for benign website functionality, as a gateway for unauthorised access. Cybersecurity professionals are alarmed by the ingenuity displayed by the perpetrators of this novel attack method. Exploring the digital world demands a heightened sense of vigilance. Whether you’re an individual safeguarding personal data or an organisation securing critical information, staying alert is key to warding off these sneaky cyber threats.
Browser cookies serve the practical purpose of remembering actions on websites, but they also pose security risks. While Google Chrome addresses third-party cookies, a recent vulnerability exposes Google accounts to potential compromise. Malicious groups are actively selling an exploit that enables unauthorised access, bypassing passwords and two-factor authentication. Discovered in October 2023, Google is diligently addressing the identified issue through reverse engineering methodologies.
This zero-day exploit allows cybercriminals to retrieve session cookies, a critical element in Google’s login authentication. Even after users change passwords, this vulnerability remains a threat. The exploit was initially disclosed by an entity known as PRISMA, leading to subsequent investigations. Google acknowledges the issue and advises af
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: