![We told you over the weekend that the untethered jailbreak for iOS devices running iOS 5.1.1 is dropping this week. The hacker who’s been spearheadi...](http://news.hitb.org/sites/default/files/styles/slideshow/public/field/image/Screen-Shot-2012-05-22-at-4.12.44-PM.jpg "<a Href=\"/content/will-hackers-pull-one-more-thing-and-release-ios-511-jailbreak-friday\">Will Hackers Pull A "One More Thing" And Release IOS 5.1.1 Jailbreak This Friday?</a>")
#HITB2011AMS - IE Security Flaw Exposes Your Cookies
An Italian security researcher has demonstrated an exploit in Microsoft’s web browser that could allow remote stealing of digital credentials, or cookies, The Register is reporting.
Rosario Valotta demonstrated his “cookiejacking” proof of concept last week at the Hack in the Box security conference in Amsterdam. His hack exposes a flaw in all current versions of Internet Explorer (IE) to steal session cookies that Facebook and other websites issue once a user has entered a valid password and corresponding user name.
The cookie acts as a digital credential that allows the user to access a specific account. This code specifically targets cookies issued by Facebook, Twitter and Google Mail, but Valotta said the technique can be used on virtually any website and affects all versions of Windows. “You can steal any cookie. There is a huge customer base affected (any IE, any Win version).”L33tdawg: All presentation materials from #HITB2011AMS is available for download here: http://conference.hitb.nl/hitbsecconf2011ams/materials/
Recent comments