1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Exploiting Browser Cookies to Bypass HTTPS and Steal Private Information

Discussion in 'The Hacker News' started by RSS, Sep 25, 2015.

  1. RSS

    RSS New Member Member

    A newly discovered critical flaw in the implementation of web cookies by major browsers could open secured (HTTPS) browsing to Man-in-the-middle attacks. The US Computer Emergency Response Team (CERT) has revealed that all the main browser vendors have improperly implemented the RFC 6265 Standard, also referred to as "Browser Cookies," allowing… …remote attackers to bypass secure HTTPS
    [​IMG]
    [​IMG]

    Continue reading...
     

Share This Page