What is a Pass-the-Cookie attack?

In a Pass-the-Cookie attack, cyber criminals use stolen web session cookies to impersonate legitimate user in order to access data and systems in the victim’s on-premises or cloud environment.

How are cookies used?

Web applications use browser cookies to store user settings and authentication information.

Why do hackers steal cookies?

Using stolen cookies, hackers can impersonate a legitimate user session. By gaining access to the user’s network infrastructure, the adversary can steal sensitive data, plant malware and exploit vulnerabilities.

Why is MFA important?

Multifactor authentication (MFA) is a security measure that enhances system and data security by requiring the user to provide an additional verification factors in addition to their credentials, such as a code sent to their mobile devices or dedicated access tokens.

Bypassing MFA with the Pass-the-Cookie Attack

Multi-factor authentication (MFA) is a great way to increase both on-premises and cloud security. With MFA in place, when a user logs on, they are required to provide not only their user ID and password but another authentication factor, such as a code sent to their phone. This process reduces the attack surface by preventing … Continue reading Bypassing MFA with the Pass-the-Cookie Attack