Sidejacking: Difference between revisions

From ACT Wiki
Jump to navigationJump to search
imported>Doug Williamson
(Add link.)
imported>Doug Williamson
(Link with Cookie & Session cookie pages.)
 
Line 10: Line 10:
==See also==
==See also==
*[[CEO fraud]]
*[[CEO fraud]]
*[[Cookie]]
*[[Cyber attack]]
*[[Cyber attack]]
*[[Cybercrime – A Threat And An Opportunity]]
*[[Cybercrime – A Threat And An Opportunity]]
Line 19: Line 20:
*[[Man in the middle]]
*[[Man in the middle]]
*[[National Cyber Security Centre]]
*[[National Cyber Security Centre]]
*[[Session cookie]]
*[[Social engineering]]
*[[Social engineering]]


[[Category:Identify_and_assess_risks]]
[[Category:Identify_and_assess_risks]]
[[Category:Technology]]
[[Category:Technology]]

Latest revision as of 15:26, 6 February 2019

Cybersecurity - cyber attacks.

Sidejacking is a form of cyber attack in which an attacker steals a session cookie from a legitimate website visited by a legitimate client.

These cookies often contain usernames and passwords, and are generally sent back unencrypted, even if the original log-in was protected via https.

The session cookie is then used to gain unauthorised access to systems.


See also