News

HHS3y
A Deep Dive into SaaS Session Hijacking
In a previous blog, we introduced the growing threat of session hijacking and explained how dangerous and discrete these attacks can be. Today, we’ll walk through a demonstration of SaaS session ...
CSOonline4y
RDP hijacking attacks explained, and how to mitigate them
RDP hijacking attacks involve ... Tscon.exe with a session number, and instantly [getting] the desktop of said user — with no obvious trace, or external tools. This isn’t about SYSTEM ...
Threat Post7y
Session Hijacking Bug Exposed GitLab Users Private Tokens
fixed a vulnerability recently that could have exposed its users to session hijacking attacks. Daniel Svartman, a security researcher with Imperva, discovered the issue in May but couldn’t ...
Computer Weekly13y
Session fixation protection: How to stop session fixation attacks
Question: What is session ... attack. This takes advantage of further mistakes in session management, and can be achieved in two ways. Session fixation is not quite the same as session hijacking ...
ZDNet5y
Slack fixes vulnerability exploitable for session hijacking, account takeovers
This form of attack tampers with the processes sequences of HTTP requests within a website or app, generally when front-facing services send an HTTP request to a back-end server, and any disparity ...