Sidejacking: Difference between revisions

From ACT Wiki
Jump to navigationJump to search
imported>Doug Williamson
(Create page. Source: The Treasurer, December 2018 / January 2019, p31.)
 
imported>Doug Williamson
(Link with Cookie & Session cookie pages.)
 
(One intermediate revision by the same user not shown)
Line 10: Line 10:
==See also==
==See also==
*[[CEO fraud]]
*[[CEO fraud]]
*[[Cookie]]
*[[Cyber attack]]
*[[Cyber attack]]
*[[Cybercrime – A Threat And An Opportunity]]
*[[Cybercrime – A Threat And An Opportunity]]
Line 16: Line 17:
*[[DDoS]]
*[[DDoS]]
*[[Hotspot sniffing]]
*[[Hotspot sniffing]]
*[[Hypertext Transfer Protocol, Secure]] (https)
*[[Man in the middle]]
*[[Man in the middle]]
*[[National Cyber Security Centre]]
*[[National Cyber Security Centre]]
*[[Session cookie]]
*[[Social engineering]]
*[[Social engineering]]


[[Category:Identify_and_assess_risks]]
[[Category:Identify_and_assess_risks]]
[[Category:Technology]]
[[Category:Technology]]

Latest revision as of 15:26, 6 February 2019

Cybersecurity - cyber attacks.

Sidejacking is a form of cyber attack in which an attacker steals a session cookie from a legitimate website visited by a legitimate client.

These cookies often contain usernames and passwords, and are generally sent back unencrypted, even if the original log-in was protected via https.

The session cookie is then used to gain unauthorised access to systems.


See also