November 14, 2024 at 03:49PM New Glove Stealer malware can infiltrate Google Chrome’s App-Bound encryption, successfully stealing browser cookies. This poses significant security risks, as it can access sensitive information from users’ online activities. **Meeting Takeaways:** 1. **New Malware Alert**: A new information-stealing malware named “Glove Stealer” has been identified. 2. **Bypassing Security Features**: Glove … Read more
September 24, 2024 at 01:35PM Infostealer malware developers claimed to bypass Google Chrome’s App-Bound Encryption feature, aiming to protect sensitive data like cookies. While the model prevents infostealer malware from stealing secrets stored in Chrome, security researchers observed multiple developers boasting about implementing a working bypass. Latest tests confirmed some malware variants can bypass the … Read more
April 3, 2024 at 10:15AM Google is testing Device Bound Session Credentials (DBSC) in Chrome to protect against session hijacking by malware. The feature binds authentication sessions to a device, disrupting cookie theft and making it harder to abuse stolen cookies. It uses a cryptographic approach and is initially rolled out to half of Chrome’s … Read more
April 3, 2024 at 08:11AM Google is addressing cookie theft by developing Device Bound Session Credentials (DBSC) to tie authentication data to a specific device, making stolen cookies useless. DBSC creates public/private key pairs and associates sessions with the public key, preventing correlation between keys from different sessions to protect privacy. Google expects to support … Read more
April 2, 2024 at 02:13PM Google has unveiled a new Chrome security feature called Device Bound Session Credentials (DBSC), which cryptographically binds authentication cookies to a specific device, preventing hackers from stealing them for account hijacking. This enhanced security measure effectively thwarts cookie theft malware and is expected to be supported by half of Chrome … Read more