In a previous blog, we introduced the growing threat of session hijacking and explained how dangerous and discrete these attacks can be. Today, we’ll walk through a demonstration of SaaS session ...

Researchers spotted a strain of cookie stealing malware, injected into a legitimate JavaScript file, masquerading as a WordPress core domain. Researchers have identified a strain of cookie stealing ...

Many of the tools that organizations are deploying to isolate Internet traffic from the internal network — such as multifactor authentication, zero-trust network access, SSO, and identity provider ...

When it comes to enterprise cyber-threats, credentials are rightly viewed as the keys to the kingdom. Why use a piece of malicious code on a vulnerable system or human when a valid credential opens ...

NEWPORT BEACH, Calif.--(BUSINESS WIRE)--Obsidian Security, the leader in SaaS Security and Posture Management (SSPM), unveiled the ability to detect SaaS session hijacking attempts early in the kill ...

VMware is urging network administrators to remove an out-of-date plug-in for its VSphere, which has two flaws — one of them critical — that can allow attackers with access to a Windows client system ...

GitLab, the popular web-based Git repository manager, fixed a vulnerability recently that could have opened its users up to session hijacking attacks. GitLab, the popular web-based Git repository ...

During a recent pen test of GitLab, Imperva researchers were surprised to come across a vulnerability that leaves users exposed to session hijacking attacks. The vulnerability stems from the type of ...

A couple of weeks ago, a tricky new Firefox plug-in called Firesheep made hijacking someone’s Web browsing session point-and-click simple. You should take extra precautions to ensure that nobody hacks ...

Want to hack someone else’s Amazon, Facebook, Twitter or Windows Live account in just one click? A Firefox extension called Firesheep claims you can by hijacking a person’s current user session over ...