JD Supra

Privacy FAQs: Does the CCPA require a cookie banner when a company uses first-party session cookies?

The California Consumer Privacy Act ("CCPA") was enacted in early 2018 as a political compromise to stave off a poorly drafted, and plaintiff’s friendly ballot ...
Dark Reading

Many ZTNA, MFA Tools Offer Little Protection Against Cookie Session Hijacking Attacks

Many of the tools that organizations are deploying to isolate Internet traffic from the internal network — such as multifactor authentication, zero-trust network access, SSO, and identity provider ...
Computer Weekly

Session fixation protection: How to stop session fixation attacks

Question: What is session fixation and how can I protect my users from it? Session fixation is a vulnerability caused by incorrectly handling user sessions in a Web application. A user’s session is ...
Modern Engineering Marvels on MSN

Passkeys beat passwords but cookie hijacking could still get you

So from the perspective of the website, it just sees that it’s a valid cookie.” That’s the unvarnished warning from Trevor ...
Computer Weekly

Growing MFA use spurs ‘pass-the-cookie’ attacks

The tried-and-true technique of using stolen session cookies to bypass multifactor authentication (MFA) protections and gain access to key systems has increased massively in recent months, according ...