News

World
Politics
Business
Science
Sport
Archive

Latest In

News

Finance

Investing
Banking
Freelancing
Real Estate
Personal Finance & Wealth
Fintech

Latest In

Finance

Celebrities

Hollywood Spotlight
Music Artists
Next Gen
Celebrity Couples
Royals
Global Icons

Latest In

Celebrities

Entertainment

Movies & TV Shows
Reviews
Technology
Gambling
Fashion
Trending

Latest In

Entertainment

Crypto

Bitcoin
Altcoins
NFT
Mining & Security
Strategies & Analysis
Blockchain

Latest In

Crypto

Travel

Latest In

Travel

Health

Nutrition
Medical Conditions
Beauty
Reiki
Wellness Tips
Drugs & Supplements

Latest In

Health

Others

Society
Culture
Numerology

Latest In

Others

Microsoft latest security risk: "Cookiejacking"

A computer security researcher discovered a bug in Microsoft Corp.'s commonly used Internet Explorer browser, which he claims might allow hackers to steal passwords to access websites such as Facebook, Twitter, and others.

Author:Elisa Mueller
Reviewer:James PierceApr 07, 2023136K Shares3.3M Views
A computer security researcher discovered a bug in Microsoft Corp.'s commonly used Internet Explorer browser, which he claims might allow hackers to steal passwords to access websites such as Facebook, Twitter, and others.
He refers to the tactic as "cookiejacking."
“Any website will do. Any cookie will do. “Your creativity is the only limit,” Rosario Valotta, an independent Internet security researcher based in Italy, said.
Hackers may use the bug to gain access to a "cookie," a data file located within the browser that contains the user name and password for a web account, according to Valotta.
According to Valotta, who calls the method "cookiejacking," if a hacker has the cookie, he or she will use it to access the same platform.
The flaw affects all versions of Internet Explorer, including Internet Explorer 9, on any version of Windows.
Before the cookie can be hijacked, the hacker must convince the user to drag and drop an icon onto the PC's computer.
That may seem to be a daunting challenge, but Valotta claims he was able to complete it relatively quickly. He created a puzzle that he shared on Facebook, challenging users to "undress" a screenshot of a beautiful lady.
“I posted this game on Facebook, and more than 80 cookies were sent to my server in less than three days,” he said. “On top of that, I just have 150 friends.”
According to Microsoft, the chances of a hacker succeeding in a real-world cookiejacking scam are slim.
According to Microsoft spokesman Jerry Bryant, “given the amount of required user engagement, this problem is not something we consider high risk.”
“To be affected, a user must access a malicious website, be persuaded to click and drag things across the screen, and the intruder must target a cookie from the website the user was already logged into,” Bryant said.
Elisa Mueller

Elisa Mueller

Author
James Pierce

James Pierce

Reviewer
Latest Articles
Popular Articles