IE Vulnerability Can Lead to “Cookiejacking”


An independent internet security researcher has revealed that an unpatched vulnerability across all versions of Microsoft’s web browser Internet Explorer (IE) running on any version of Microsoft’s Windows operating system can lead to attacks wherein credentials used in web browsing to access Facebook, Twitter and Gmail accounts are stolen. What’s more, Rosario Valotta, an Italian security expert, says that although his proof of concept code exploits cookies used to access Facebook, Twitter and Gmail accounts, a crafty attacker can possibly exploit the vulnerability to gain access to cookies for virtually any website. In a method he calls “cookiejacking”, Valotta said that the method can be used for “any website” and “any cookie” and that the “limit is just your imagination”, a report from Reuters says. According to the internet security researcher, using the exploit, an attacker can hijack an IE “cookie” which holds credentials to gain access to accounts. Valotta demonstrated his proof of concept code at a security conference held in Amsterdam last week, a report from U.K.’s The Register says.
According to the report, an attacker can use a special iframe tag which is embedded onto a malicious website to take advantage of the exploit. “The attack exploits a vulnerability in the IE security zones feature that allows users to segregate trustworthy websites from those they don’t know or don’t ever want to access,” the publication reports. 

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

LINK TO OUR HOME PAGE :
Voice Of GREYHAT is a non-profit Organization propagating news specifically related with Cyber security threats, Hacking threads and issues from all over the spectrum. The news provided by us on this site is gathered from various Re-Sources. if any person have some FAQ's in their mind they can Contact Us. Also you can read our Privacy Policy for more info. Thank You ! -Team VOGH
If you enjoyed VOGH News, Articles Then Do Make sure you to Subscribe Our RSS feed. Stay Tuned with VOGH and get Updated about Cyber Security News, Hacking Threads and Lots More. All our Articles and Updates will directly be sent to Your Inbox. Thank You! -Team VOGH

Categories:

0 comments:

Post a Comment

Related Posts Plugin for WordPress, Blogger...