recentpopularlog in

hthief : hacking   6

Stealing Chrome cookies without a password
Through use of remote debugging and running headless chrome, it is possible to salvage all the user's cookies. Some other insights into prevention, through channel-bound cookies, a feature that is being removed on chrome, also provided
cookies  security  debugging  google  hacking  privacy  chrome  infosec 
december 2018 by hthief
Sennheiser discloses monumental blunder that cripples HTTPS on PCs and Macs | Ars Technica
The critical HeadSetup vulnerability stems from a self-signed root certificate installed by version 7.3 of the app that kept the private cryptographic key in a format that could be easily extracted. Because the key was identical for all installations of the software, hackers could use the root certificate to generate forged TLS certificates that impersonated any HTTPS website on the Internet. Although the self-signed certificates were blatant forgeries, they will be accepted as authentic on comp...
security  hacking 
november 2018 by hthief

Copy this bookmark:





to read