Market abuse and Sidejacking: Difference between pages

From ACT Wiki
(Difference between pages)
Jump to navigationJump to search
imported>Martin ODonovan
(New entry)
 
imported>Doug Williamson
(Create page. Source: The Treasurer, December 2018 / January 2019, p31.)
 
Line 1: Line 1:
Market abuse is the term used to describe any misuse of confidential or non public information so as to attempt to gain a trading advantage.  Market abuse also encompasses: insider dealing;improper disclosure; manipulating transactions; manipulating devices; misleading dissemination.
''Cybersecurity - cyber attacks.''


Legislation exists in most financial markets to specify the detail of what is prohibited as market abuse and within the EU this is covered by the Market Abuse Directive ([https://www.esma.europa.eu/system/files/Dir_03_6.pdf Directive 2003/6/EC of the European Parliament and of the Council of 28 January 2003]) and the revised Market Abuse Directive II and the Market Abuse Regulation which are in the process of being enacted in 2014
Sidejacking is a form of cyber attack in which an attacker steals a session cookie from a legitimate website visited by a legitimate client.


These cookies often contain usernames and passwords, and are generally sent back unencrypted, even if the original log-in was protected via https.


For example trading in a company's shares whilst in the possession of inside information that a profits warning was about to be announced would be insider trading and therefore market abuse.
The session cookie is then used to gain unauthorised access to systems.




== Other links ==
==See also==
[http://www.treasurers.org/node/3244 ACT briefing note: The New Market Abuse and Disclosure Regime in the UK - A Guide for Listed Companies  August 2005]
*[[CEO fraud]]
*[[Cyber attack]]
*[[Cybercrime – A Threat And An Opportunity]]
*[[Cyber security: protecting your business and your clients]]
*[[Cybersecurity]]
*[[DDoS]]
*[[Hotspot sniffing]]
*[[Man in the middle]]
*[[National Cyber Security Centre]]
*[[Social engineering]]
 
[[Category:Identify_and_assess_risks]]
[[Category:Technology]]

Revision as of 21:56, 3 February 2019

Cybersecurity - cyber attacks.

Sidejacking is a form of cyber attack in which an attacker steals a session cookie from a legitimate website visited by a legitimate client.

These cookies often contain usernames and passwords, and are generally sent back unencrypted, even if the original log-in was protected via https.

The session cookie is then used to gain unauthorised access to systems.


See also

Retrieved from ‘https://wiki.treasurers.org/w/index.php?title=Market_abuse&oldid=44108