InfoSecBulletin Cybersecurity for mankind
Google is focusing on improving web privacy by disabling third-party cookies on the Chrome browser. According to Anthony Chavez, VP for Privacy Sandbox, Google will test Tracking Protection, a new feature that limits cross-site tracking by restricting website access to third-party cookies by default.
“We’ll roll this out to 1% of Chrome users globally, a key milestone in our Privacy Sandbox initiative to phase out third party cookies for everyone in the second half of 2024, subject to addressing any remaining competition concerns from the UK’s Competition and Markets Authority,” said Chavez in a blog post.
Researcher Found Multiple Vulnerabilities In Apple’s AirPlay Protocol
Massive Attack: Hacker Actively Use 4800+ IPs To Attack Git Configuration Files
CISA Adds Actively Exploited Broadcom Flaws to KEV Database
Google reports 97 zero-days exploited in 2024, 50% in spyware attacks
Palo Alto Networks to Acquire AI Security Firm “Protect AI”
CISA Releases Seven ICS Advisories
India Launches First Quantum Computing Village in Amaravati
400+ SAP NetWeaver Devices Vulnerable to 0-Day Attacks
30 Teams Qualify for Online Preliminary Round At UAP CTF Contest
CVE-2025-43859
Request Smuggling Vulnerability in Python’s h11 HTTP Library
The Privacy Sandbox initiative aims to create technologies that protect privacy online and provide tools for companies and developers to build digital businesses. It reduces tracking across sites and apps while keeping online content and services free for everyone.
Chrome will phase out third party cookies in the Privacy Sandbox for web. It will use privacy techniques like differential privacy, k-anonymity, and on-device processing to limit tracking, such as fingerprinting, and restrict the amount of information sites can access, ensuring privacy and security.
Google Chrome is the world’s most popular browser. But it’s also the browser that continues to be targeted by cybercriminals. CloudSEK, a cybersecurity firm, recently reported that hackers are using cookies on the Chrome browser to log into user emails without the need for passwords or authentication.
According to The Independent, a type of malware that uses third party cookies to access private data is currently being tested by hacking groups. This was first discovered in October 2023 when a hacker discussed it on Telegram.
Hackers have discovered a method to steal cookies by exploiting Google authentication cookies. This allows them to bypass the two-factor authentication as well.
“This exploit enables continuous access to Google services, even after a user’s password is reset,” Pavan Karthick M, a threat intelligence researcher at CloudSEK, wrote in a blog post detailing the issue.
Google is securing compromised accounts and all browsers will phase out third-party cookies soon.
“As we work to make the web more private, we’ll provide businesses with tools to succeed online so that high-quality content remains freely accessible — whether that’s news articles, videos, educational information, community sites, or other forms of web content. With Tracking Protection, Privacy Sandbox and all of the features we launch in Chrome, we’ll continue to work to create a web that’s more private than ever, and universally accessible to everyone,” Chavez said.
