New Flaw Called “Cookiejacking” Allows Hackers to Hijack Cookies in IE

New Flaw Called “Cookiejacking” Allows Hackers to Hijack Cookies in IE

Users of Internet Explorer beware: security researchers have found a new flaw in the popular Microsoft browser that allow hackers to commit something called “cookiejacking”, which enables them to steal information and data from IE cookies from any website.

Despite a few flaws, Internet Explorer remains one of the most commonly used browsers in businesses today, making it a ripe target for hackers looking for security flaws to exploit.

One such flaw has been discovered recently by a security researcher in Italy. Dubbed “cookiejacking”, the flaw allows hackers to hijack a cookie of any website, thereby allowing them to gain access to passwords, credit card information, and various other data stored in the cookie. The flaw is found in any version of Internet Explorer in any version of Windows.

However, users must first drag and drop an item before the exploit can be activated. It might sound like a bit of a stretch, but hackers are known for their creativity, so expect that a seemingly appropriate situation will be presented in which you will find it perfectly normal to do a drag-and-drop action.

Microsoft responded to the threat by labeling it as “low risk”, citing the level of user interaction required for cookiejacking to occur. It did, however, encourage users to be more vigilant and alert, as well as to refrain from clicking suspicious links and visiting dubious websites.

Regardless of what platform or OS you use, there is always the constant threat from cyberattacks all it takes is one attack to break through and put important business data at risk. It is essential to always educate users on how to avoid being victimized by scams and hacks, and to have the right security software to ensure that your company’s information is safe and secure.

If you are interested in user training for security and / or better security protocols, please give us a call and we’ll be happy to draw up a custom security blueprint that’s tailor-made to meet your needs.

Published with permission from TechAdvisory.org. Source.

Post A Comment

You must be logged in to post a comment.