Friday, September 25, 2015

Exploiting Browser Cookies to Bypass HTTPS and Steal Private Information

A newly discovered critical flaw in the implementation of web cookies by major browsers could open secured (HTTPS) browsing to Man-in-the-middle attacks. The US Computer Emergency Response Team (CERT) has revealed that all the main browser vendors have improperly implemented the RFC 6265 Standard, also referred to as "Browser Cookies," allowing… …remote attackers to bypass secure HTTPS


from The Hacker News http://ift.tt/1YFxhPt

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.