all InfoSec news
Towards Browser Controls to Protect Cookies from Malicious Extensions
May 14, 2024, 4:11 a.m. | Liam Tyler, Ivan De Oliveira Nunes
cs.CR updates on arXiv.org arxiv.org
Abstract: Cookies provide a state management mechanism for the web and are often used for authentication, storing a user's session ID, and replacing their credentials in subsequent requests. These ``session cookies'' are valuable targets of attacks such as Session Hijacking and Fixation that attempt to steal them and gain unauthorized access to user accounts. Multiple controls such as the Secure and HttpOnly cookie attributes restrict cookie accessibility, effectively mitigating attacks from the network or malicious websites, …
arxiv attacks authentication browser controls cookies credentials cs.cr extensions hijacking malicious malicious extensions management mechanism protect requests session session cookies session hijacking state steal the web web
More from arxiv.org / cs.CR updates on arXiv.org
Jobs in InfoSec / Cybersecurity
CyberSOC Technical Lead
@ Integrity360 | Sandyford, Dublin, Ireland
Cyber Security Strategy Consultant
@ Capco | New York City
Cyber Security Senior Consultant
@ Capco | Chicago, IL
Sr. Product Manager
@ MixMode | Remote, US
Security Compliance Strategist
@ Grab | Petaling Jaya, Malaysia
Cloud Security Architect, Lead
@ Booz Allen Hamilton | USA, VA, McLean (1500 Tysons McLean Dr)