InfoSecBulletin Cybersecurity for mankind
Google is focusing on improving web privacy by disabling third-party cookies on the Chrome browser. According to Anthony Chavez, VP for Privacy Sandbox, Google will test Tracking Protection, a new feature that limits cross-site tracking by restricting website access to third-party cookies by default.
“We’ll roll this out to 1% of Chrome users globally, a key milestone in our Privacy Sandbox initiative to phase out third party cookies for everyone in the second half of 2024, subject to addressing any remaining competition concerns from the UK’s Competition and Markets Authority,” said Chavez in a blog post.
Over 145,000 ICS Across 175 Countries Found Exposed Online
World to see AI powered “human washing machines”
Hacker compromised over 2000 Palo Alto Networks Firewalls
“Forces Penpals” exposed US and UK Military Social Network’s 1 Million Records
CVE-2024-51503
Trend Micro released updates for Deep Security Agent RCE
Apple Releases Patch for two Actively Exploited Zero-Day
Maxar Space Data Leak, Company admit, Investigation ongoing!
GitHub CLI Vulnerability Could Allow RCE
“Sarcoma” ransomware group
Hacker to disclose “Popular Life Insurance” 36 GB of stolen data
BugHunt 2024: A Milestone Cyber security Competition held at Dhaka
The Privacy Sandbox initiative aims to create technologies that protect privacy online and provide tools for companies and developers to build digital businesses. It reduces tracking across sites and apps while keeping online content and services free for everyone.
Chrome will phase out third party cookies in the Privacy Sandbox for web. It will use privacy techniques like differential privacy, k-anonymity, and on-device processing to limit tracking, such as fingerprinting, and restrict the amount of information sites can access, ensuring privacy and security.
Google Chrome is the world’s most popular browser. But it’s also the browser that continues to be targeted by cybercriminals. CloudSEK, a cybersecurity firm, recently reported that hackers are using cookies on the Chrome browser to log into user emails without the need for passwords or authentication.
According to The Independent, a type of malware that uses third party cookies to access private data is currently being tested by hacking groups. This was first discovered in October 2023 when a hacker discussed it on Telegram.
Hackers have discovered a method to steal cookies by exploiting Google authentication cookies. This allows them to bypass the two-factor authentication as well.
“This exploit enables continuous access to Google services, even after a user’s password is reset,” Pavan Karthick M, a threat intelligence researcher at CloudSEK, wrote in a blog post detailing the issue.
Google is securing compromised accounts and all browsers will phase out third-party cookies soon.
“As we work to make the web more private, we’ll provide businesses with tools to succeed online so that high-quality content remains freely accessible — whether that’s news articles, videos, educational information, community sites, or other forms of web content. With Tracking Protection, Privacy Sandbox and all of the features we launch in Chrome, we’ll continue to work to create a web that’s more private than ever, and universally accessible to everyone,” Chavez said.
