How Google plans to make stolen session cookies worthless for attackers

Google is working on a new security feature for Chrome called Device Bound Session Credentials (DBSC), meant to prevent attackers from using stolen session cookies to gain access user accounts. Session (i.e., authentication) cookies are stored by brows… Continue reading How Google plans to make stolen session cookies worthless for attackers

Microsoft Says State-Sponsored Attackers Accessed Senior Leaders’ Emails

The Midnight Blizzard gang appears to have been looking for information about itself. See how organizations can protect their accounts from password spray attacks. Continue reading Microsoft Says State-Sponsored Attackers Accessed Senior Leaders’ Emails

Out with the old and in with the improved: MFA needs a revamp

From AI to ZTA (zero-trust architecture), the technology responsible for protecting your company’s data has evolved immensely. Despite the advances, cybercriminals repeatedly find new and creative ways to gain access to sensitive information. This can … Continue reading Out with the old and in with the improved: MFA needs a revamp