April 2, 2024 By Sergiu Gatlan
Google announced a new Chrome security feature that ties cookies to a specific device, blocking hackers from stealing and using them to hijack users' accounts.
Cookies are files that websites use to remember your browsing information and preferences and automatically log you into a service or website. These cookies are created after you log into a service and verify multi-factor authentications, allowing them to bypass multi-factor authentication (MFA) in future logins.
Unfortunately, attackers use malware to steal these cookies, thus circumventing MFA prompts to hijack the linked accounts.
To solve this problem, Google is working on a new feature called Device Bound Session Credentials (DBSC) that makes it impossible for attackers to steal your cookies by cryptographically binding your authentication cookies to your device.
