Brits hate how big tech handles their data, but can’t be bothered to do much about it

October 3, 2024 at 05:20AM Only 19% of Brits are satisfied with big tech companies’ handling of their personal data, with most rejecting optional cookies and deleting cookies as measures of control. Over 60% rejected optional cookies, while 50% deleted them, and 44.4% changed privacy settings. Some cited lack of knowledge as the reason for … Read more

Chrome to Fight Cookie Theft With Device Bound Session Credentials 

April 2, 2024 at 12:45PM Google is introducing Device Bound Session Credentials (DBSC) to Chrome, preventing cookie theft by binding browser authentication sessions to the device. This technology, developed by the Web Incubator Community Group, uses private key authentication. DBSC ensures sessions are secure and deters cookie theft malware, with plans for widespread implementation by … Read more

1-Click Takeover Bug in AWS Apache Airflow Reveals Larger Risk

March 21, 2024 at 01:33PM A bug in an AWS workflow management service led to cookie tossing, revealing a broader issue affecting major cloud services. Based on the meeting notes, it seems that a bug has affected users of an AWS workflow management service, potentially exposing them to cookie tossing. However, this incident has also … Read more

France Fines Yahoo 10 Mn Euros Over Cookie Abuses

January 22, 2024 at 06:12AM France’s data protection authority fined Yahoo 10 million euros for disregarding users’ rejection of internet-tracking cookies and implying loss of access to email accounts if they refused. Investigations revealed visitors who rejected cookies still had digital trackers deposited and Yahoo Mail users were warned about losing access to services if … Read more

UK’s cookie crumble: Data watchdog serves up tougher recipe for consent banners

November 22, 2023 at 05:26AM The UK’s Information Commissioner’s Office (ICO) is cracking down on website design to ensure that opting out of cookies is as easy as opting in. The ICO has given 30 days’ notice to companies running popular websites in the UK, warning them to comply with data protection regulations or face … Read more

Okta says its support system was breached using stolen credentials

October 20, 2023 at 02:48PM Attackers breached Okta’s support management system using stolen credentials, gaining access to files containing cookies and session tokens uploaded by customers. The incident did not impact the production Okta service or the Auth0/CIC case management system. Okta notified affected customers and advised all customers to sanitize their HAR files to … Read more