Forbes

New 2FA Security Warning—30 Million Authentication Cookies Up For Sale

Update, Dec. 03, 2024: This story, originally published Dec. 02, now updated to reflect the 2FA-bypass security threat beyond Black Friday and Cyber Monday. The busiest period of online shopping, ...
ZDNet

Some enterprise VPN apps store authentication/session cookies insecurely

At least four Virtual Private Network (VPN) applications sold or made available to enterprise customers share security flaws, warns the Carnegie Mellon University CERT Coordination Center (CERT/CC) ...
Bleeping Computer

Malware abuses Google OAuth endpoint to ‘revive’ cookies, hijack accounts

Multiple information-stealing malware families are abusing an undocumented Google OAuth endpoint named "MultiLogin" to restore expired authentication cookies and log into users' accounts, even if an ...
Digital Trends

Hackers are using cookies to sidestep two-factor authentication

“Cookie stealing” is among the latest trends in cybercrimes that hackers are using to bypass credentials and access private databases, according to Sophos. Typical security advice for organizations ...
Bleeping Computer

Chrome 69 Keeps Google's Cookies After You Clear Browser Data

It has been discovered that when you try to clear all cookies in the Chrome browser, every cookie will be deleted except for authentication cookies created by Google. This means that after clearing ...