September 9, 2024
|
Reports
Infostealers are on the rise, and with them, the statistics tracking this growing threat. Many companies publish reports, but what do those numbers really mean? We delved deeper into the data to give you the full story. No time to go through it all? Our Passguard rating system scores the value of statistics on a scale from 1 to 5. Convenient, right?
NordVPN has a statistic that caught our attention: stolen cookies in the Netherlands. According to their research, a total of 54 billion cookies have been stolen worldwide, of which 17% were still active at the time. The majority of these cookies were stolen via infostealers like Redline, Vidar, Raccoon, and Metastealer, although a few trojans were also involved.
Approximately half of these cookies included country data, enabling NordVPN to estimate their geographic distribution. For the Netherlands, 154 million stolen cookies were identified, ranking the country 38th globally. While this figure is noteworthy, geographic data was unavailable for 27 billion cookies, suggesting the actual number of stolen Dutch cookies is likely much higher, though they cannot be precisely attributed.
There is some uncertainty regarding the content of the cookies. Of the 54 billion cookies, only 12 billion could be analyzed for content type, such as session cookies or cookies containing geographic data. The reason why the remaining 42 billion couldn’t be examined remains unclear.
NordVPN specifies by cookie type whether they are still valid. This is relevant for session cookies, login cookies, and authentication cookies, but less so for static data such as name, email address, or residence. A striking finding was that information about sexual orientation was found in half a million cookies. In some countries, this could be sensitive information, a risk that NordVPN rightly highlights. However, the note that 26% of these cookies were still active seems less relevant, as this specific information—such as sexual orientation—does not change much and remains accessible to those who already possess the cookies.
NordVPN offers valuable insight into a frequently overlooked aspect of cybersecurity: the role of stolen cookies. While there are some questions about the completeness of the analysis, particularly regarding the missing data and the validity of certain information, the research is a good step forward. We hope that NordVPN will expand this research in the future.
Infostealers are on the rise, and with them, the statistics tracking this growing threat. Many companies publish reports, but what do those numbers really mean? We delved deeper into the data to give you the full story. No time to go through it all? Our Passguard rating system scores the value of statistics on a scale from 1 to 5. Convenient, right?
December 5, 2024
The Graafschap College, a medium-sized vocational school in Doetinchem, has around ten thousand students and over a thousand employees. Rob Gerritsen, Chief Information Security Officer (CISO) at Graafschap College, gained insight into his organization's dark web exposure through Passguard. During a walk through a wintery forest near Doetinchem, he spoke to us about his experiences.
November 29, 2024
Our colleague Tom Leijte spoke to Topicus KeyHub about the rise of and the risks they pose to organizations. From stolen session cookies to digital identity misuse—it's a growing problem that needs action.
November 29, 2024
.svg)
