informa
/
Announcements
Event
Cybersecurity Outlook 2022 | A FREE Dark Reading & Black Hat Virtual Event | December 8, 2021 <REGISTER NOW>
Alert
Check out our NEW section called "DR Tech" for comprehensive coverage of new & emerging cybersecurity technology.
PreviousNext
Risk
Slideshow

How Firesheep Can Hijack Web Sessions

Firesheep is a Firefox extension used to hijack web sessions, usually used over WiFi networks. Firesheep doesn't steal usernames and passwords, instead it copies session cookies used on authenticated websites. These are then used to impersonate the hijacked connection. Session hijacking, or sidejacking is a well known problem, ranking 3rd on OWASP's (Open Web Application Security Project) Top 10 Application Security Risk list. Attackers using Firesheep just need access to network traffic -- such
Mike Fratto
Former Network Computing Editor
November 03, 2010

Attackers have one more trick up their sleeves. Cain & Able will generate an SSL certificate on the fly trying to fool browser users into trusting it. Don't. If you see a message like this (browsers display certificate errors in their own way) stop what you are doing and walk away.

SEE ALSO:

Firesheep Simplifies Stealing Logins

Firesheep Exposes Need For Encryption

MobileApplication SecurityCompliance
Recommended Reading:
More Insights
White Papers
More White Papers
Webinars
More Webinars
Reports
More Reports
Editors' Choice
In Appreciation: Dark Reading's Tim Wilson
Dark Reading Staff, Dark Reading
Finding Your Niche in Cybersecurity
Kristina Balaam, Senior Security Intelligence Engineer, Lookout
HP Issues Firmware Updates for Printer Product Vulnerabilities
Jai Vijayan, Contributing Writer
10 Stocking Stuffers for Security Geeks
Ericka Chickowski, Contributing Writer
Webinars
More Webinars
White Papers
More White Papers
Events
More Events
More Insights
White Papers
More White Papers
Webinars
More Webinars
Reports
More Reports