Apple Blocks Sites From Abusing HSTS Security Standard to Track Users

20 March 2018

If you are unaware, the security standard HTTP Strict Transport Security (HSTS) can be abused as a ‘supercookie’ to surreptitiously track users of almost every modern web browser online without their knowledge even when they use “private browsing.” Apple has now added mitigations to its open-source browser infrastructure WebKit that underpins its Safari web browser to prevent HSTS abuse after discovering that theoretical attacks demonstrated in 2015 were recently deployed in the wild against Safari users.

Read full news article on The Hacker News

Date:

20 March 2018

Categorie(s):

NEWS

Tag(s):

Apple, Hacking News, HSTS, Industry Standards, Sites, Users

Letting chatbots run robots ends as badly as you’d expect16 November 2024
ANZ CIO Challenges: AI, Cybersecurity & Data Analytics for 202515 November 2024
Mystery Palo Alto Networks hijack-my-firewall zero-day now officially under exploit15 November 2024
Drinking water systems for 26M Americans face high cybersecurity risks15 November 2024
AI, hybrid identity, and cybersecurity’s next frontier: Key takeaways from Semperis CEO at HIP conference15 November 2024