Welcome to our

Cyber Security News Aggregator

Cyber Tzar

provide a

cyber security risk management

platform; including automated penetration tests and risk assesments culminating in a "cyber risk score" out of 1,000, just like a credit score.

First slide label

Some representative placeholder content for the first slide.

Second slide label

Some representative placeholder content for the second slide.

Third slide label

Some representative placeholder content for the third slide.

C4 Bomb: Blowing Up Chrome’s AppBound Cookie Encryption

published on 2025-06-30 17:10:30 UTC by /u/ES_CY
Content:

Disclosure: I work at CyberArk

The research shows that Chrome’s AppBound cookie encryption relies on a key derivation process with limited entropy and predictable inputs. By systematically generating possible keys based on known parameters, an attacker can brute-force the correct encryption key without any elevated privileges or code execution. Once recovered, this key can decrypt any AppBound-protected cookies, completely undermining the isolation AppBound was intended to provide in enterprise environments.

submitted by /u/ES_CY
[link] [comments]

Article: C4 Bomb: Blowing Up Chrome’s AppBound Cookie Encryption - published 3 months ago.

https://www.reddit.com/r/netsec/comments/1lod5nx/c4_bomb_blowing_up_chromes_appbound_cookie/
Published: 2025 06 30 17:10:30
Received: 2025 06 30 17:19:57
Feed: /r/netsec - Information Security News and Discussion
Source: /r/netsec - Information Security News and Discussion
Category: Cyber Security
Topic: Cyber Security
Views: 12