IT-WS04 (LESSON 7)

avatar
Created by
Jasmin Huerta

Cards (8)

  • Cookies
    • small pieces of data sent from a website and stored on the user's device
  • Cookies
    • serve various purposes, including session management, personalization, tracking user behavior, and authentication.
  • Session cookies
    • are often seen as one of the biggest security and privacy issues with HTTP
  • SESSION HIJACKING
    • Attackers intercept cookies to take over user sessions, accessing sensitive data or performing unauthorized actions.
  • LACK OF ENCRYPTION
    • Cookies are transmitted in plaintext, vulnerable to interception by malicious actors, facilitating unauthorized access.
  • FULL ACCESS TO ACCOUNT
    • Compromised session cookies grant attackers complete account access, risking exposure of sensitive information and malicious activities.
  • FULL ACCESS TO ACCOUNT
    • Compromised session cookies grant attackers complete account access, risking exposure of sensitive information and malicious activities.
  • XSS VULNERABILITIES
    • Attackers inject malicious scripts into web pages, stealing session cookies to hijack user sessions and perpetrate further attacks.