#dbsc
LightNews LightNews
plm.bsky.social
Stopping things like infostealers by locking down the cookie jar to just the signed browser processes is a simple but powerful control

While Chrome is working on Device Bound Session Credentials (DBSC). You can deploy this today.

Also if you use another browser like Firefox, it'll still work.
northpolesec.bsky.social North Pole Security @northpolesec.bsky.social · 1d
Day 6 of our FAAdvent Calendar: Protect your browser cookies from infostealers with Santa's File Access Rules—limit access so only the browser can read its own cookies!

northpole.security/blog/2025-ad...
December 6, 2025 at 2:05 PM
qiancx.bsky.social
谷歌推出DBSC开放测试版,携手Project Zero提升补丁透明度,强化网络安全防护

https://qian.cx/posts/75387719-908D-454F-9BFB-C2ACC3404BE9
November 17, 2025 at 6:50 AM
fletch.online
The Dublin Bay sailing club #dbsc awards are on in the national maritime museum this evening. Pretty dramatic venue for it!
A view from the back of an audience in the national maritime museum, Dublin. The museum is a converted church, but a standing over the dais is a massive fresnel lens assembly from a lighthouse. Which looks cool as shiiiiiiiit!
November 7, 2025 at 7:13 PM
kaldata.bsky.social
През този месец започна втората фаза от тестовете на технологията Device Bound Session Credentials (DBSC), насочена към защитата на уеб сесиите от кражба на бисквитки и прихващане на идентификационни данни. Новият етап ще продължи до началото на февруари 2026 година и за първи път обхваща реални...
Краят на ерата на кражбите на бисквитки? Стартира втора фаза на DBSC – новата защита на сесиите на Google
През този месец започна втората фаза от тестовете на технологията Device Bound Session Credentials (DBSC), насочена към защитата на уеб сесиите от кражба на бисквитки и прихващане на идентификационни данни. Новият етап ще продължи до началото на февруари 2026 година и за първи път обхваща реални условия на експлоатация, включително обратна връзка от разработчиците, участвали в предишното тестване. Фокусът е върху повишаването на стабилността и предсказуемостта на работата на механизма, както и към въвеждането на допълнителни функции, улесняващи интеграцията в съществуващите системи за удостоверяване.
www.kaldata.com
October 26, 2025 at 6:37 PM
sambowne.infosec.exchange.ap.brid.gy
Device Bound Session Credentials: Second origin trial begins | Blog | Chrome for Developers https://developer.chrome.com/blog/dbsc-origin-trial-update?hl=en
Device Bound Session Credentials: Second origin trial begins  |  Blog  |  Chrome for Developers
The second Device Bound Session Credentials (DBSC) origin trial starts in Chrome 142 with new updates to prevent cookie theft.
developer.chrome.com
October 24, 2025 at 1:51 PM
agektmr.com
DBSC (Device Bound Session Credentials) binds browser session credentials to the device and mitigate cookie thefts. Chrome has just started its second origin trial with some updates.

Learn more: developer.chrome.com/blog/dbsc-or...
October 23, 2025 at 11:08 AM
mortenson.bsky.social
I wonder if you could mitigate session hijacking using the Web Push API. On login associate a web push subscription with the session, then every few minutes push down a token that the browser needs to include in future requests. Like DBSC but relying on the webhook URL instead of the TPM?
September 21, 2025 at 7:47 PM
m15c4t0n1c.bsky.social
www.vietnam.vn/de/lu-o-dbsc...

Überschwemmungen im Mekong-Delta überschreiten Alarmstufe 3
Überschwemmungen im Mekong-Delta überschreiten Alarmstufe 3: Flussaufwärts sind die Menschen mit dem Lebensunterhalt beschäftigt, flussabwärts kämpfen sie mit den Überschwemmungen
Nach Angaben des Southern Institute of Water Resources Planning führten Hochwasserstände in Kombination mit Fluten am 13. September dazu, dass an vielen Orten im Mekong-Delta die Alarmstufe 3 überschr...
www.vietnam.vn
September 13, 2025 at 9:05 AM
quilavac.bsky.social
元はぐぐるのこの記事と思われる。「パスキーとDBSCで今日の主要な脅威によるアカウント乗っ取りを防御できるようになる」って展望の紹介みたいな感じ。
workspace.google.com/blog/identit...

せーるすほーすはこっちやね。
「攻撃者が取得したデータは会社名や連絡先などの、基本的かつ大部分が基本的に公開されているビジネス情報に限定」ってことらしい。
www.bleepingcomputer.com/news/securit...
August 26, 2025 at 5:11 PM
aimainainnu.bsky.social
グーグル、パスキーとDBSCでアカウント乗っ取り対策を強化--急増する情報窃取型攻撃に対応
ZDNET Japan

サイバー犯罪者は、家庭でも職場でも油断しているユーザーを狙い、常に多様な手段で攻撃を仕掛けてくる。グーグルは米国時間7月29日に公開したブログ投稿 ...
japan.zdnet.com/article/3523...
グーグル、パスキーとDBSCでアカウント乗っ取り対策を強化--急増する情報窃取型攻撃に対応
サイバー犯罪者は、家庭でも職場でも油断しているユーザーを狙い、常に多様な手段で攻撃を仕掛けてくる。グーグルは米国時間7月29日に公開したブログ投稿で、顧客が直面している脅威と、それらから身を守るために利用可能なツールについて説明している。
japan.zdnet.com
July 31, 2025 at 11:20 PM
kaldata.bsky.social
Google разширява границите на сигурността с нова инициатива, като направи общедостъпна бета версия на технологията Device Bound Session Credentials (DBSC) — функция, която позволява да се защитят потребителите от кражба на сесийни бисквитки...
Google поставя железни окови на вашите бисквитки: дългоочакваната функция DBSC е тук
Google разширява границите на сигурността с нова инициатива, като направи общедостъпна бета версия на технологията Device Bound Session Credentials (DBSC) — функция, която позволява да се защитят потребителите от кражба на сесийни бисквитки. Първоначално представена като прототип през април 2024 година, системата вече е достъпна в браузъра Chrome за Windows и свързва сесиите за удостоверяване с конкретно устройство. Това означава, че дори при кражба на бисквитки, потенциален хакер няма да може да ги използва на друг компютър. DBSC засилва защитата след влизане в системата, като блокира възможността за отдалечена авторизация от друго устройство.
www.kaldata.com
July 31, 2025 at 1:53 PM
bitnewsbot.bsky.social
JUST IN 👉 Google Launches DBSC to Block Cookie Theft, Unveils Patch Gap Policy
Google Launches DBSC to Block Cookie Theft, Unveils Patch Gap Policy
<p>Google launched the open beta of Device Bound Session Credentials (DBSC) in Chrome on Windows to fight session cookie theft. [&hellip;]</p>
bitnewsbot.com
July 31, 2025 at 7:26 AM
guardian360.bsky.social
Google Launches DBSC Open Beta in Chrome and Enhances Patch Transparency via Project Zero thehackernews.com/2025/07/go...
Google Launches DBSC Open Beta in Chrome and Enhances Patch Transparency via Project Zero
Google unveils DBSC in Chrome and new Project Zero disclosure rules to boost account and patch security.
thehackernews.com
July 31, 2025 at 7:00 AM
shiojiri.com
グーグル、パスキーとDBSCでアカウント乗っ取り対策を強化--急増する情報窃取型攻撃に対応 - ZDNET Japan https://japan.zdnet.com/article/35236141/
July 31, 2025 at 4:43 AM
hacker.at.thenote.app
Google Launches DBSC Open Beta in Chrome and Enhances Patch Transparency via Project Zero

Google has announced that it's making a security feature called Device Bound Session Credentials (DBSC) in open beta to ensure that users are safeguarded against session cookie theft attack…

#hackernews #news
Google Launches DBSC Open Beta in Chrome and Enhances Patch Transparency via Project Zero
Google has announced that it's making a security feature called Device Bound Session Credentials (DBSC) in open beta to ensure that users are safeguarded against session cookie theft attacks. DBSC, first introduced as a prototype in April 2024, is designed to bind authentication sessions to a device so as to prevent threat actors from using stolen cookies to sign-in to victims' accounts and gain
thehackernews.com
July 31, 2025 at 3:51 AM
igalog.bsky.social
グーグル、パスキーとDBSCでアカウント乗っ取り対策を強化--急増する情報窃取型攻撃に対応
https://japan.zdnet.com/article/35236141/

サービスのパスキー対応は既に最低限のラインになってきた?
グーグル、パスキーとDBSCでアカウント乗っ取り対策を強化--急増する情報窃取型攻撃に対応
サイバー犯罪者は、家庭でも職場でも油断しているユーザーを狙い、常に多様な手段で攻撃を仕掛けてくる。グーグルは米国時間7月29日に公開したブログ投稿で、顧客が直面している脅威と、それらから身を守るために利用可能なツールについて説明している。
japan.zdnet.com
July 30, 2025 at 11:31 PM
thedailytechfeed.com
Google launches DBSC open beta in Chrome to combat session cookie theft and enhances patch transparency via Project Zero. Strengthening user security against unauthorized access. #Google #DBSC #CyberSecurity Link: thedailytechfeed.com/google-intro...
July 30, 2025 at 3:56 PM
techit.bsky.social
Google Launches DBSC Open Beta in Chrome and Enhances Patch Transparency via Project Zero

#thehackersnews
Google Launches DBSC Open Beta in Chrome and Enhances Patch Transparency via Project Zero
Google unveils DBSC in Chrome and new Project Zero disclosure rules to boost account and patch security.
thehackernews.com
July 30, 2025 at 3:00 PM
securityrss.bsky.social
Google Workspace is introducing Device Bound Session Credentials (DBSC) to prevent token stealing attacks, particularly following incidents like the Linus Tech Tips account takeover.
Google Workspace is rolling out a security update to stop token stealing attacks
www.theverge.com
July 30, 2025 at 2:07 PM
reconbee.bsky.social
Google Launches DBSC Open Beta in Chrome and Enhances Patch Transparency via Project Zero reconbee.com/google-launc...

#DBSCopenbeta #DBSC #openBeta #chrome #google #projectzero #googlechrome
Google Launches DBSC Open Beta in Chrome and Enhances Patch Transparency via Project Zero
actors to reuse session cookies read more about Google Launches DBSC Open Beta in Chrome and Enhances Patch Transparency via Project Zero
reconbee.com
July 30, 2025 at 1:05 PM
ninjaowl.ai
Google Launches DBSC Open Beta in Chrome and Enhances Patch Transparency via Project Zero #cybersecurity #hacking #news #infosec #security #technology #privacy thehackernews.com/20...
July 30, 2025 at 1:01 PM
monikawalker.bsky.social
Google Launches DBSC Open Beta In Chrome And Enhances Patch Transparency By Way Of Venture Zero

Google has introduced that it is making a safety characteristic referred to as Machine Certain Session Credentials (DBSC) in open beta to make sure that customers are safeguarded in opposition to…
Google Launches DBSC Open Beta In Chrome And Enhances Patch Transparency By Way Of Venture Zero
Google has introduced that it is making a safety characteristic referred to as Machine Certain Session Credentials (DBSC) in open beta to make sure that customers are safeguarded in opposition to session cookie theft assaults. DBSC, first launched as a prototype in April 2024, is designed to bind authentication classes to a tool in order to stop menace actors from utilizing stolen cookies to sign-in to victims’ accounts and acquire unauthorized entry from a separate gadget underneath their management. “Out there within the Chrome browser on Home windows, DBSC strengthens safety after you might be logged in and helps bind a session cookie – small information utilized by web sites to recollect consumer info – to the gadget a consumer authenticated from,” Andy Wen, senior director of product administration at Google Workspace, stated.
nextbusiness24.com
July 30, 2025 at 10:03 AM
nextbusiness24.bsky.social
Google Launches DBSC Open Beta In Chrome And Enhances Patch Transparency By Way Of Venture Zero

Google has introduced that it is making a safety characteristic referred to as Machine Certain Session Credentials (DBSC) in open beta to make sure that customers are safeguarded in opposition to…
Google Launches DBSC Open Beta In Chrome And Enhances Patch Transparency By Way Of Venture Zero
Google has introduced that it is making a safety characteristic referred to as Machine Certain Session Credentials (DBSC) in open beta to make sure that customers are safeguarded in opposition to session cookie theft assaults. DBSC, first launched as a prototype in April 2024, is designed to bind authentication classes to a tool in order to stop menace actors from utilizing stolen cookies to sign-in to victims’ accounts and acquire unauthorized entry from a separate gadget underneath their management. “Out there within the Chrome browser on Home windows, DBSC strengthens safety after you might be logged in and helps bind a session cookie – small information utilized by web sites to recollect consumer info – to the gadget a consumer authenticated from,” Andy Wen, senior director of product administration at Google Workspace, stated.
nextbusiness24.com
July 30, 2025 at 10:03 AM