iTnews

New phishing ploy exploits secure sessions to hijack data

By Dan Kaplan on Jan 14, 2009 10:49AM

Researchers have discovered a new way for attackers to phish for credentials without the need to send emails or trick users into visiting a malicious website.

Researchers have discovered a new way for attackers to phish for credentials without the need to send emails or trick users into visiting a malicious website.Dubbed "in-session" phishing by web security firm Trusteer, the conceptualised attack leverages a vulnerability present in all major ...

Hi! You've reached one of our premium articles. This is available exclusively to subscribers.

It's free to register, and only takes a few minutes.

Once you sign up you'll have unlimited access to the full catalogue of Australia's best business IT content, as well as a daily news bulletin delivered straight to your inbox.

Register now

Already have an account? Log in to read this article.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © SC Magazine, US edition
Tags:
data exploits hijack insession phishing scam secure security sessions
In Partnership With
By Dan Kaplan
Jan 14 2009
10:49AM
0 Comments

Related Articles

  • Five charged over cryptocurrency investment scam
  • Thieves steal laptops with 30 years of data from University of Western Australia
  • Easily re-identified 'anonymised' data threatens privacy
  • Freight forwarding scam bankrupting Aussie IT suppliers
Share on Twitter Share on Facebook Share on LinkedIn Share on Whatsapp Email A Friend

Most Read Articles

Australia will now headhunt tech talent for permanent residency

Australia will now headhunt tech talent for permanent residency
Optus shifts 100k premises out of NBN 12Mbps in three months

Optus shifts 100k premises out of NBN 12Mbps in three months
JB Hi-Fi reveals Bunnings-style online sales engine overhaul

JB Hi-Fi reveals Bunnings-style online sales engine overhaul
NBN Co's FTTC and HFC build costs rise again

NBN Co's FTTC and HFC build costs rise again
You must be a registered member of iTnews to post a comment.
Log In | Register

Whitepapers from our sponsors

Is your AWS framework well-architected?
Is your AWS framework well-architected?
Why you should reassess your cybersecurity posture
Why you should reassess your cybersecurity posture
How will you manage the cloud data deluge?
How will you manage the cloud data deluge?
Follow these steps to prevent targeted attacks
Follow these steps to prevent targeted attacks
Your mobile devices may not be secure – learn how to fix that
Your mobile devices may not be secure – learn how to fix that

Events

  • Lunch and Learn - Find out how to migrate to AWS for free!
  • Summit Australia for Microsoft Business Applications
  • SAUG National Summit
  • Ricoh at Integrate Stand M5
  • Webinar : Implications of the Australian Prudential Standard CPS 234
All rights reserved. This material may not be published, broadcast, rewritten or redistributed in any form without prior authorisation.
Your use of this website constitutes acceptance of nextmedia's Privacy Policy and Terms & Conditions.