Data Privacy Philippines | Browsers Login Manager Flaw May Compromise Usernames and Passwords

29 Dec Browsers Login Manager Flaw May Compromise Usernames and Passwords

Posted at 11:58h in Foreign, News by Disini & Disini Law Office

Princeton University researchers recently identified a security flaw in login managers which may allow advertising and analytics firms to secretly extract a user’s login credentials.

The exploit uses invisible login fields which the login managers automatically fill in. The malicious script then sends back the information to a third party server. Hackers started using this exploit around a decade ago, however, the researchers say they found services such as Adthink (audienceinsights.net) and OnAudience (behavioralengine.com) using such a script to extract usernames and emails, but not passwords.

Source: Bleeping Computer

Tags:

Adthink (audienceinsights.net), login manager, OnAudience (behavioralengine.com), Princeton University

Print page

Disini & Disini Law Office

info@privacy.com.ph