Announcements

Cybersecurity Outlook 2022 | A FREE Dark Reading & Black Hat Virtual Event | December 8, 2021 <REGISTER NOW>

Check out our NEW section called "DR Tech" for comprehensive coverage of new & emerging cybersecurity technology.

How Firesheep Can Hijack Web Sessions

Firesheep is a Firefox extension used to hijack web sessions, usually used over WiFi networks. Firesheep doesn't steal usernames and passwords, instead it copies session cookies used on authenticated websites. These are then used to impersonate the hijacked connection. Session hijacking, or sidejacking is a well known problem, ranking 3rd on OWASP's (Open Web Application Security Project) Top 10 Application Security Risk list. Attackers using Firesheep just need access to network traffic -- such

Former Network Computing Editor

November 03, 2010

Attackers have one more trick up their sleeves. Cain & Able will generate an SSL certificate on the fly trying to fool browser users into trusting it. Don't. If you see a message like this (browsers display certificate errors in their own way) stop what you are doing and walk away.

SEE ALSO:

Firesheep Simplifies Stealing Logins

Firesheep Exposes Need For Encryption

Mobile Application Security Compliance

Recommended Reading:

More Insights

White Papers

More White Papers

Webinars

Reports

Editors' Choice

In Appreciation: Dark Reading's Tim Wilson

Dark Reading Staff, Dark Reading

10 Stocking Stuffers for Security Geeks

Ericka Chickowski, Contributing Writer

How Sun Tzu's Wisdom Can Rewrite the Rules of Cybersecurity

Gregory R. Simpson, Former CTO of GE and Former CTO of Synchrony Financial

Lisa Lorenzin, Field CTO – Americas at Zscaler

How Threat Actors Get Into OT Systems

Donovan Tindill, Senior Cybersecurity Strategist, Honeywell

Webinars

White Papers

More White Papers

Events

Cybersecurity Outlook 2022 - December 8 Virtual Event

More Insights

White Papers

More White Papers

Webinars

Reports