How do you perform on a test that checks whether criminals can steal your browser cookies or hijack your web session?

How are we testing?:

This test takes a cookie from one website and tries to post it to a second one, a clear sign of an attempt to hijack the web session.

To make sure you have not received a false positive, please check to see that you are not blacklisting the Zscaler website.

Why is this test important?:

Cookie theft is the primary way criminals steal your user's personal information such as logins to Gmail or Facebook or to corporate accounts on Oracle or Salesforce. Criminals often try different methods of script injection.

Take our security preview now

Websites Using Adobe Flash Vulnerable to Cookie-Stealing

Google, YouTube, Twitter, Ebay, Instagram and thousands of websites using Adobe Flash were vulnerable to the cookie-stealing bug, Rosetta Flash. Google Security Engineer, Michele Spagnuolo, writes "This is a well known issue in the infosec community, but so far no public tools for generating arbitrary ASCII-only, or, even better, alphanum only, valid SWF files have been presented. This led websites owners and even big players in the industry to postpone any mitigation until a credible proof of concept was provided.Source

In the News:

Distil Networks Finds 95% of Top Websites Cannot Protect Against Advanced Persistent Bots - SYS-CON Media (press release)

21 Jun 2017
Distil Bot Defense for APIs protects public and partner-facing APIs against developer errors, integration bugs, automated scraping, and web and mobile hijacking. For more information on Distil Networks, .... Internet of @ThingsExpo, taking place ...

How is session hijacking possible without passwords? - TechTarget

16 May 2017
Before session hijacking begins, the attacker goes to the Task Manager's Users tab to view the status of each user's account. Using the Task Manager is easier than executing a few command lines to get the status. The local admin's account is always active.

Session Hijacking, Cookie-Stealing WordPress Malware Spotted - Threatpost

10 May 2017
Anjos says it appears attackers used typosquatting, or URL hijacking, to craft the phony domain, code.wordprssapi[.]com. Typosquatting is a technique that usually relies on users making typographical errors when inputting URLs into a web browser.

More »