#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Subscribe – Get Latest News
Insider Risk Management

tracking cookies | Breaking Cybersecurity News | The Hacker News

Case Study: The Cookie Privacy Monster in Big Global Retail

Case Study: The Cookie Privacy Monster in Big Global Retail

Jan 16, 2024 Data Security / Privacy Compliance
Explore how an advanced exposure management solution saved a major retail industry client from ending up on the naughty step due to a misconfiguration in its cookie management policy. This wasn't anything malicious, but with modern web environments being so complex, mistakes can happen, and non-compliance fines can be just an oversight away. Download the full case study here . As a child, did you ever get caught with your hand in the cookie jar and earn yourself a telling-off? Well, even if you can still remember being outed as a cookie monster, the punishments for today's thieving beasts are worse. Millions of dollars worse. Cookies are an essential part of modern web analytics. A cookie is a small piece of text data that records website visitor preferences along with their behaviors, and its job is to help personalize their browsing experience. Just as you needed parental consent to access the cookie jar all those years ago, your business now needs to obtain user consent before i
Google Drops FLoC and Introduces Topics API to Replace Tracking Cookies for Ads

Google Drops FLoC and Introduces Topics API to Replace Tracking Cookies for Ads

Jan 26, 2022
Google on Tuesday announced that it is abandoning its controversial plans for replacing third-party cookies in favor of a new Privacy Sandbox proposal called  Topics , which categorizes users' browsing habits into approximately 350 topics. The new mechanism , which takes the place of  FLoC  (short for Federated Learning of Cohorts), slots users' browsing history for a given week into a handful of top pre-designated interests (i.e., topics), which are retained only on the device for a revolving period of three weeks. Subsequently, when a user visits a participating site, the Topics API selects three of the interests — one topic from each of the past three weeks — to share with the site and its advertising partners. To give more control over the framework, users can not only see the topics but also remove topics or disable it altogether. By labeling each website with a recognizable, high-level topic and sharing the most frequent topics associated with the browsing history,
Two Widely Used Ad Blocker Extensions for Chrome Caught in Ad Fraud Scheme

Two Widely Used Ad Blocker Extensions for Chrome Caught in Ad Fraud Scheme

Sep 20, 2019
Two widely used Adblocker Google Chrome extensions , posing as the original — AdBlock and uBlock Origin — extensions on Chrome Web Store, have been caught stuffing cookies in the web browser of millions of users to generate affiliate income from referral schemes fraudulently. There's no doubt web extensions add a lot of useful features to web browsers, making your online experience great and aiding productivity, but at the same time, they also pose huge threats to both your privacy and security. Being the most over-sighted weakest link in the browser security model, extensions sit between the browser application and the Internet — from where they look for the websites you visit and subsequently can intercept, modify, and block any requests, based on the functionalities they have been designed for. Apart from the extensions which are purposely created with malicious intent , in recent years we have also seen some of the most popular legitimate Chrome and Firefox extensions g
cyber security

Instantly See How Much Time You Can Save by Automating Compliance

websiteVantaAutomate Compliance
Get an instant calculation of how much time you could save by automating compliance with Vanta.
Cybersecurity CPEs: Unraveling the What, Why & How

Cybersecurity CPEs: Unraveling the What, Why & How

Jun 10, 2024Cybersecurity / Exposure Management
Staying Sharp: Cybersecurity CPEs Explained Perhaps even more so than in other professional domains, cybersecurity professionals constantly face new threats. To ensure you stay on top of your game, many certification programs require earning Continuing Professional Education (CPE) credits. CPEs are essentially units of measurement used to quantify the time and effort professionals spend on maintaining and enhancing skills and knowledge in the field of cybersecurity, and they act as points that demonstrate a commitment to staying current. CPEs are best understood in terms of other professions: just like medical, legal and even CPA certifications require continuing education to stay up-to-date on advancements and industry changes, cybersecurity professionals need CPEs to stay informed about the latest hacking tactics and defense strategies. CPE credits are crucial for maintaining certifications issued by various cybersecurity credentialing organizations, such as (ISC)², ISACA, and C
Kaspersky Antivirus Flaw Exposed Users to Cross-Site Tracking Online

Kaspersky Antivirus Flaw Exposed Users to Cross-Site Tracking Online

Aug 15, 2019
In this digital era, the success of almost every marketing, advertising, and analytics company drives through tracking users across the Internet to identify them and learn their interests to provide targeted ads. Most of these solutions rely on 3rd-party cookies, a cookie set on a domain other than the one you are browsing, which allows companies including Google and Facebook to fingerprint you in order to track your every move across multiple sites. However, if you're using Kaspersky Antivirus, a vulnerability in the security software had exposed a unique identifier associated with you to every website you visited in the past 4 years, which might have allowed those sites and other third-party services to track you across the web even if you have blocked or erased third-party cookies timely. The vulnerability, identified as CVE-2019-8286 and discovered by independent security researcher Ronald Eikenberg, resides in the way a URL scanning module integrated into the antivir
Firefox Web Browser Now Blocks Third-Party Tracking Cookies By Default

Firefox Web Browser Now Blocks Third-Party Tracking Cookies By Default

Jun 04, 2019
As promised, Mozilla has finally enabled "Enhanced Tracking Protection" feature on its Firefox browser by default, which from now onwards would automatically block all third-party tracking cookies that allow advertisers and websites to track you across the web. Tracking cookies, also known as third-party cookies, allows advertisers to monitor your online behavior and interests, using which they display relevant advertisements, content, and promotions on the websites you visit. Which makes sense as no one likes to waste time in watching advertisements and offers that are not of one's interest. However, since tracking cookies gather way more information without requiring users' explicit permissions and there is no control over how companies would use it, the technique also poses a massive threat to users' online privacy. To limit this extensive tracking, Mozilla included the "Enhanced Tracking Protection" option as an experimental feature in Octo
Google Chrome to Introduce Improved Cookie Controls Against Online Tracking

Google Chrome to Introduce Improved Cookie Controls Against Online Tracking

May 08, 2019
At the company's I/O 2019 developer conference, Google has announced its plan to introduce two new privacy and security-oriented features in the upcoming versions of its Chrome web browser. In an attempt to allow users to block online tracking, Google has announced two new features—Improved SameSite Cookies and Fingerprinting Protection—that will be previewed by Google in the Chrome web browser later this year. Cookies, also referred to as HTTP cookies or browser cookies, are the small pieces of information that websites store on your computer, which play an important role in improving your online experience. Cookies are created by a web browser when a user loads a particular website, which helps the website to remember information about your visit, like your login information, preferred language, items in the shopping cart and other settings. However, cookies are also being widely used to identify users and track their activities not only on the site that issued a cooki
Apple Blocks Sites From Abusing HSTS Security Standard to Track Users

Apple Blocks Sites From Abusing HSTS Security Standard to Track Users

Mar 20, 2018
If you are unaware, the security standard HTTP Strict Transport Security (HSTS) can be abused as a 'supercookie' to surreptitiously track users of almost every modern web browser online without their knowledge even when they use "private browsing." Apple has now added mitigations to its open-source browser infrastructure WebKit that underpins its Safari web browser to prevent HSTS abuse after discovering that theoretical attacks demonstrated in 2015 were recently deployed in the wild against Safari users. HSTS—HTTP Strict Transport Security—is a great feature that allows websites to automatically redirects user's web traffic to secure page connections over HTTPS if the user accidentally opens an insecure URL and then remembers to route that user to the secure connection always. Since HSTS does not allow websites to store any information/value on users web browser except remembering the redirect information about turning it on/off for future use, using
France Orders Facebook To Stop Tracking Non-Users or Face Fines

France Orders Facebook To Stop Tracking Non-Users or Face Fines

Feb 09, 2016
8th February 2016 would be considered as a cursed day in the history of Facebook. You might have known that just yesterday India bans Facebook's Free Basic Internet in the country. Now, Zuckerberg had got another bombshell in the form of a French Order from the European Data Protection Authority, who ordered Facebook to stop tracking non-users' online activity and to stop data transfers of personal data to the US servers. Facebook Is Following You Everywhere Do you know: Facebook can still track you, even if you log out, with the help of its tracking cookies and plugins ( like, share buttons ) placed on any 3rd-party website. Facebook knows what sites you are visiting, and by " you ," I mean specifically your account, not an anonymous Facebook user . As per the French Order, Facebook is not legalized to track the web browsing habits of all European citizens, even those without a Facebook account. The French Government had also provided a tim
HTML5 Canvas Fingerprint — Widely Used Unstoppable Web Tracking Technology
Expert Insights
Cybersecurity Resources