Sidejacking: Difference between revisions

From ACT Wiki
imported>Doug Williamson
(Create page. Source: The Treasurer, December 2018 / January 2019, p31.)
 
imported>Doug Williamson
(Add link.)
Line 16: Line 16:
*[[DDoS]]
*[[DDoS]]
*[[Hotspot sniffing]]
*[[Hotspot sniffing]]
*[[Hypertext Transfer Protocol, Secure]] (https)
*[[Man in the middle]]
*[[Man in the middle]]
*[[National Cyber Security Centre]]
*[[National Cyber Security Centre]]

Revision as of 21:58, 3 February 2019

Cybersecurity - cyber attacks.

Sidejacking is a form of cyber attack in which an attacker steals a session cookie from a legitimate website visited by a legitimate client.

These cookies often contain usernames and passwords, and are generally sent back unencrypted, even if the original log-in was protected via https.

The session cookie is then used to gain unauthorised access to systems.
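
A defensive check for the condition described above, added here as an example and not part of the original wiki entry: it flags session cookies that can travel unencrypted because they lack the `Secure` attribute or were set over plain HTTP. The sample responses, the host `portal.example` and the cookie-name heuristic are constructed assumptions.

```python
from urllib.parse import urlsplit

# Assumption: substrings that mark a cookie as session-bearing (heuristic only).
SESSION_HINTS = ("sess", "sid", "auth", "token")

# Constructed sample data: (response URL, Set-Cookie header values).
SAMPLE_RESPONSES = [
    ("https://portal.example/login", ["SESSIONID=c0ffee; Path=/; HttpOnly"]),
    ("https://portal.example/login",
     ["SESSIONID=c0ffee; Path=/; Secure; HttpOnly", "theme=dark; Path=/"]),
    ("http://portal.example/home", ["sid=abc123; Path=/"]),
]


def parse_set_cookie(header):
    """Split one Set-Cookie value into (cookie name, {attribute: value})."""
    parts = [p.strip() for p in header.split(";")]
    name = parts[0].partition("=")[0].strip()
    attrs = {}
    for part in parts[1:]:
        if part:
            key, _, val = part.partition("=")
            attrs[key.strip().lower()] = val.strip()
    return name, attrs


def audit_response(url, set_cookie_headers):
    """Return (cookie name, issue code) pairs for session cookies at risk."""
    findings = []
    scheme = urlsplit(url).scheme.lower()
    for header in set_cookie_headers:
        name, attrs = parse_set_cookie(header)
        if not any(hint in name.lower() for hint in SESSION_HINTS):
            continue  # not treated as a session cookie
        if scheme != "https":
            # The cookie was already visible on the wire when it was issued.
            findings.append((name, "set-over-http"))
        if "secure" not in attrs:
            # Without Secure the browser also attaches it to http:// requests,
            # even though the log-in itself used https.
            findings.append((name, "missing-secure"))
    return findings


if __name__ == "__main__":
    for url, headers in SAMPLE_RESPONSES:
        print(url, audit_response(url, headers))
```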


See also