Google downplays reports of malware abusing an undocumented Chrome API to generate new authentication cookies, saying such token theft attacks "are not new" (Lawrence Abrams/BleepingComputer)

Jan. 6, 2024, 9:25 p.m. |

Lawrence Abrams / BleepingComputer:

Google downplays reports of malware abusing an undocumented Chrome API to generate new authentication cookies, saying such token theft attacks “are not new” — Google is downplaying reports of malware abusing an undocumented Google Chrome API to generate new authentication cookies when previously stolen ones have expired.

abusing api attacks authentication authentication cookies bleepingcomputer chrome cookies google lawrence abrams malware reports theft token token theft undocumented

Visit resource

More from www.techmeme.com / Techmeme

Google releases an emergency Chrome update to patch the third zero-day vulnerability exploited within a … 17 hours ago | www.techmeme.com

bleepingcomputer chrome chrome update emergency +14

Consumers protection groups across the EU file coordinated complaints against Temu, accusing the e-commerce platform … 23 hours ago | www.techmeme.com

breaches commerce consumer consumer protection +9

Palo Alto Networks is buying IBM's QRadar cloud security software assets and moving customers to … 1 day, 7 hours ago | www.techmeme.com

alto assets cloud cloud security +15

The US DOJ indicts two brothers for allegedly stealing $25M in crypto via an exploit … 1 day, 9 hours ago | www.techmeme.com

attack coindesk crypto doj +6

Google unveils Android 15 security features, like Theft Detection Lock, which detects motions associated with … 1 day, 10 hours ago | www.techmeme.com

android array data detection +13

Google announces a threat detection capability coming to Android that uses on-device AI to spot … 1 day, 11 hours ago | www.techmeme.com

android apps coming detection +9

The FBI seizes the notorious BreachForums hacking forum used to leak and sell stolen corporate … 1 day, 12 hours ago | www.techmeme.com

bleepingcomputer breachforums channel corporate +14

Billionaire tech critic Frank McCourt says he is preparing a "people's bid" to buy and … 1 day, 14 hours ago | www.techmeme.com

ben control data frank +6

Humanity Protocol, a blockchain-based identity system that uses scans of people's palms, raised a $30M … 1 day, 15 hours ago | www.techmeme.com

blockchain bloomberg capital humanity +10

Information Security Engineers

@ D. E. Shaw Research | New York City

View on infosec-jobs.com

Technology Security Analyst

@ Halton Region | Oakville, Ontario, Canada

View on infosec-jobs.com

Senior Cyber Security Analyst

@ Valley Water | San Jose, CA

View on infosec-jobs.com

Brand Experience and Development Associate (Libby's Pumpkin)

@ Nestlé | Arlington, VA, US, 22209

View on infosec-jobs.com

Cybersecurity Analyst

@ L&T Technology Services | Milpitas, CA, US

View on infosec-jobs.com

Information Security Analyst

@ Fortinet | Burnaby, BC, Canada

View on infosec-jobs.com

all InfoSec news

Google downplays reports of malware abusing an undocumented Chrome API to generate new authentication cookies, saying such token theft attacks "are not new" (Lawrence Abrams/BleepingComputer)

More from www.techmeme.com / Techmeme

Jobs in InfoSec / Cybersecurity

Information Security Engineers

Technology Security Analyst

Senior Cyber Security Analyst

Brand Experience and Development Associate (Libby's Pumpkin)

Cybersecurity Analyst

Information Security Analyst