AI DevwWrld CyberDSA Chatbot Summit Cyber Revolution Summit CYSEC Global Cyber Security & Cloud Expo World Series Digital Identity & Authentication Summit Asian Integrated Resort Expo Middle East Low Code No Code Summit TimeAI Summit

Cybersecurity emergency: Google cookies in the sights of hackers

Security experts alert: Google session data vulnerability under hacker attack

A report indicates that there is malware stealing Google session cookies to access user accounts. Even changing your password doesn't stop the attack. Google is working to fix the problem.

This pill is also available in Italian language

A recent CloudSEK report echoes an evolved threat that worries cyber security experts: specific types of malware have targeted session cookies used by Google services. This data, usually used to keep users connected to their accounts, can be exploited to obtain unauthorized access, without the victim being aware. On the Telegram platform, a potentially malicious channel has spread information about this vulnerability, reinforcing the need for vigilant attention to digital security.

Malware and advanced attack strategies

Google's commonly trusted authentication mechanism is vulnerable to a particular attack method that appears to evade even the protection afforded by two-factor authentication. The technical analysis conducted on the malware algorithms illustrates a complex attack and the use of methods that strike depths of the security architecture, highlighting the ability of attackers to bypass traditional protection systems. Malware like Lumma has been updated to exploit these mechanisms, intensifying the risks for users.

Impact on user security

The danger of such an attack intensifies when it is realized that the compromise persists even after users have changed their login credentials. This gives attackers the ability to withhold access for extended periods, putting user data and privacy at risk. Google, the tech giant that develops the Chrome browser, is aware of this situation and is working to identify and protect compromised profiles.

Recommendations for data protection

For those who need to defend their personal data, the current advice is to follow Google's guidelines, eliminating malicious software and activating safe navigation systems. CloudSEK urges immediate logging out of all profiles in the event of a suspected compromise, as a precaution until Google implements permanent fixes. Furthermore, periodically updating passwords remains a recommended step, although this measure does not guarantee absolute protection against the most sophisticated attacks.

Follow us on Telegram for more pills like this

01/13/2024 12:05

Marco Verro

Last pills

Italy's success in cybersecurityHow Italy achieved excellence in global cybersecurity: strategies, collaborations, and international successes

IntelBroker alleged breach of Deloitte systemsServer exposed: how Deloitte's security may have been compromised by a cyber attack

Vo1d infections on Android TV boxes: how to protect your devicesLearn the essential measures to protect your Android TV boxes from the dreaded Vo1d malware and keep your devices safe from cyber threats

Hacker attack in Lebanon: Hezbollah under fireTechnological shock and injuries: cyber warfare hits Hezbollah in Lebanon