Session Hijacking and Man-in-the-Middle Attacks

When you're on the internet, your computer has a lot of small back-and-forth transactions with servers around the world letting them know who you are and requesting specific websites or services. In return, if everything goes as it should, the web servers should respond to your request by giving you the information you're accessing. This process, or session, happens whether you are simply browsing or when you are logging into a website with your username and password.  

The session between your computer and the remote web server is given a unique session ID, which should stay private between the two parties; however, an attacker can hijack the session by capturing the session ID and posing as the computer making a request, allowing them to log in as an unsuspecting user and gain access to unauthorized information on the web server. There are a number of methods an attacker can use to steal the session ID, such as a cross-site scripting attack used to hijack session IDs. 
An attacker can also opt to hijack the session to insert themselves between the requesting computer and the remote server, pretending to be the other party in the session. This allows them to intercept information in both directions and is commonly called a man-in-the-middle attack. Read more about What is network security monitoring?

Comments

Post a Comment

Popular posts from this blog

Importance of threat intelligence in cybersecurity

Cyber threat intelligence helps organizations by giving them insights into the mechanisms and implications of threats, allowing them to build defense strategies and frameworks, and reduce their  attack surface  with the end goals of mitigating harm and protecting their network. The main objective of cyber threat intelligence is to provide organizations a deeper understanding of what’s happening outside their network, giving them better visibility of the cyber threats that bring the most risk to their infrastructure. You need threat intelligence for effective defense. It’s also about prioritizing: removing false positives that constantly hit SOCs and recognizing the advanced threats and exploits the organization is most vulnerable to, so teams can take action against them. With cyber threat intelligence, you can determine if your security defense system can actually handle those threats, and improve it as necessary. Here are other major benefits to good cyber threat in...
Read more

Machine Learning for Better Threat Intelligence

Data processing takes place at a scale today that requires automation to be comprehensive. Combine data points from many different types of sources — including open, dark web, and technical sources — to form the most robust picture possible. Recorded Future uses  machine learning  techniques in four ways to improve data collection and aggregation — to structure data into categories, to analyze text across multiple languages, to provide risk scores, and to generate predictive models. 1. To structure data into entities and events Ontology has to do with how we split concepts up and how we group them together. In data science,  ontologies  represent categories of  entities  based on their names, properties, and relationships to each other, making them easier to sort into hierarchies of sets. For example, Boston, London, and Gothenburg are all distinct entities that will also fall under the broader “city” entity. If entities represent a way to sort p...
Read more

The most Important Challenges Facing Cyber Security

Cybersecurity researchers and business owners are now identifying attacks and threats that could affect the cybersecurity world in 2019. With only two months left until the end of the year, cybersecurity researchers and business owners are now looking to identify attacks and threats that could affect the cybersecurity world in the year 2020. Increased Cybercrime Throughout the year, as a result of the decisive failure of governments, international communities, and the United Nations, cybercrime by hacker groups backed will continue to grow. Many organizations do not have the proper structure to counter these attacks. In such circumstances, cybersecurity teams should rely on data breach detection techniques. Cloud Technology Insecurity The insecurity of cloud technology started and will, unfortunately, continue in the future as well. As the production and deployment of large volumes of data across different sectors of the organization, their security will face many ...
Read more