The Hacker News Logo
Subscribe to Newsletter

The Hacker News - Cybersecurity News and Analysis: tracking cookies

Two Widely Used Ad Blocker Extensions for Chrome Caught in Ad Fraud Scheme

Two Widely Used Ad Blocker Extensions for Chrome Caught in Ad Fraud Scheme
September 20, 2019Swati Khandelwal
Two widely used Adblocker Google Chrome extensions , posing as the original — AdBlock and uBlock Origin — extensions on Chrome Web Store, have been caught stuffing cookies in the web browser of millions of users to generate affiliate income from referral schemes fraudulently. There's no doubt web extensions add a lot of useful features to web browsers, making your online experience great and aiding productivity, but at the same time, they also pose huge threats to both your privacy and security. Being the most over-sighted weakest link in the browser security model, extensions sit between the browser application and the Internet — from where they look for the websites you visit and subsequently can intercept, modify, and block any requests, based on the functionalities they have been designed for. Apart from the extensions which are purposely created with malicious intent , in recent years we have also seen some of the most popular legitimate Chrome and Firefox extensions g

Kaspersky Antivirus Flaw Exposed Users to Cross-Site Tracking Online

Kaspersky Antivirus Flaw Exposed Users to Cross-Site Tracking Online
August 15, 2019Swati Khandelwal
In this digital era, the success of almost every marketing, advertising, and analytics company drives through tracking users across the Internet to identify them and learn their interests to provide targeted ads. Most of these solutions rely on 3rd-party cookies, a cookie set on a domain other than the one you are browsing, which allows companies including Google and Facebook to fingerprint you in order to track your every move across multiple sites. However, if you're using Kaspersky Antivirus, a vulnerability in the security software had exposed a unique identifier associated with you to every website you visited in the past 4 years, which might have allowed those sites and other third-party services to track you across the web even if you have blocked or erased third-party cookies timely. The vulnerability, identified as CVE-2019-8286 and discovered by independent security researcher Ronald Eikenberg, resides in the way a URL scanning module integrated into the antivir

Firefox Web Browser Now Blocks Third-Party Tracking Cookies By Default

Firefox Web Browser Now Blocks Third-Party Tracking Cookies By Default
June 04, 2019Mohit Kumar
As promised, Mozilla has finally enabled "Enhanced Tracking Protection" feature on its Firefox browser by default, which from now onwards would automatically block all third-party tracking cookies that allow advertisers and websites to track you across the web. Tracking cookies, also known as third-party cookies, allows advertisers to monitor your online behavior and interests, using which they display relevant advertisements, content, and promotions on the websites you visit. Which makes sense as no one likes to waste time in watching advertisements and offers that are not of one's interest. However, since tracking cookies gather way more information without requiring users' explicit permissions and there is no control over how companies would use it, the technique also poses a massive threat to users' online privacy. To limit this extensive tracking, Mozilla included the "Enhanced Tracking Protection" option as an experimental feature in Octo

Google Chrome to Introduce Improved Cookie Controls Against Online Tracking

Google Chrome to Introduce Improved Cookie Controls Against Online Tracking
May 08, 2019Mohit Kumar
At the company's I/O 2019 developer conference, Google has announced its plan to introduce two new privacy and security-oriented features in the upcoming versions of its Chrome web browser. In an attempt to allow users to block online tracking, Google has announced two new features—Improved SameSite Cookies and Fingerprinting Protection—that will be previewed by Google in the Chrome web browser later this year. Cookies, also referred to as HTTP cookies or browser cookies, are the small pieces of information that websites store on your computer, which play an important role in improving your online experience. Cookies are created by a web browser when a user loads a particular website, which helps the website to remember information about your visit, like your login information, preferred language, items in the shopping cart and other settings. However, cookies are also being widely used to identify users and track their activities not only on the site that issued a cooki

Apple Blocks Sites From Abusing HSTS Security Standard to Track Users

Apple Blocks Sites From Abusing HSTS Security Standard to Track Users
March 20, 2018Swati Khandelwal
If you are unaware, the security standard HTTP Strict Transport Security (HSTS) can be abused as a 'supercookie' to surreptitiously track users of almost every modern web browser online without their knowledge even when they use "private browsing." Apple has now added mitigations to its open-source browser infrastructure WebKit that underpins its Safari web browser to prevent HSTS abuse after discovering that theoretical attacks demonstrated in 2015 were recently deployed in the wild against Safari users. HSTS—HTTP Strict Transport Security—is a great feature that allows websites to automatically redirects user's web traffic to secure page connections over HTTPS if the user accidentally opens an insecure URL and then remembers to route that user to the secure connection always. Since HSTS does not allow websites to store any information/value on users web browser except remembering the redirect information about turning it on/off for future use, using

France Orders Facebook To Stop Tracking Non-Users or Face Fines

France Orders Facebook To Stop Tracking Non-Users or Face Fines
February 09, 2016Unknown
8th February 2016 would be considered as a cursed day in the history of Facebook. You might have known that just yesterday India bans Facebook's Free Basic Internet in the country. Now, Zuckerberg had got another bombshell in the form of a French Order from the European Data Protection Authority, who ordered Facebook to stop tracking non-users' online activity and to stop data transfers of personal data to the US servers. Facebook Is Following You Everywhere Do you know: Facebook can still track you, even if you log out, with the help of its tracking cookies and plugins ( like, share buttons ) placed on any 3rd-party website. Facebook knows what sites you are visiting, and by " you ," I mean specifically your account, not an anonymous Facebook user . As per the French Order, Facebook is not legalized to track the web browsing habits of all European citizens, even those without a Facebook account. The French Government had also provided a tim

HTML5 Canvas Fingerprint — Widely Used Unstoppable Web Tracking Technology

HTML5 Canvas Fingerprint — Widely Used Unstoppable Web Tracking Technology
July 23, 2014Mohit Kumar
Till Now we have seen many traditional way of tracking web users, such as using cookies that get saved on user's system may not be available forever to many companies, but a new method of tracking users has emerged that worked without the use of cookies. From last two years, many websites and tracking softwares are utilizing the fingerprinting power of HTML5 Canvas, which is a HTML element used to dynamically generated image in your browser's web page. EACH BROWSER GENERATES DIFFERENT IMAGE Basically, web browsers uses different image processing engines, export options, compression level, so each computer draws the image slightly differently, the images can be used to assign each user's device a number (a fingerprint) that uniquely identifies it i.e. Browser fingerprinting . According to a research paper published by computer security experts from Princeton University and KU Leuven University in Belgium, the Canvas fingerprint tracking has made it more difficult for
Online Courses and Software

Sign up for cybersecurity newsletter and get latest news updates delivered straight to your inbox daily.