all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Behind the Breach: Pass-The-Cookie Beyond IdPs

Add to bookmarks
Jan. 19, 2024, 8:02 p.m. | Farah Iyer

Security Boulevard securityboulevard.com

Pass-The-Cookie (PTC), also known as token compromise, is a common attack technique employed by threat actors in SaaS environments.  In the past, Obsidian’s Threat Research team noted a pattern where most PTC attacks focused on stealing the identity provider (IdP) primary authentication cookie. However, there has since been a shift in attacks–now targeting authentication cookies […]


The post Behind the Breach: Pass-The-Cookie Beyond IdPs appeared first on Obsidian Security.


The post Behind the Breach: Pass-The-Cookie Beyond IdPs appeared first …

attack attacks authentication beyond breach compromise cookie environments featured identity identity provider idp idps noted obsidian pass passthecookie ptc research saas saas security security guidance session hijacking stealing targeting team threat threat actors threat research token token theft

Visit resource

More from securityboulevard.com / Security Boulevard

KapeKa Backdoor: Russian Threat Actor Group’s Recent Attacks 4 hours ago | securityboulevard.com
actor advanced persistent threat (apt) attacks backdoor +26
MITRE ATT&CK v15: A Deeper Dive into SaaS Identity Compromise 5 hours ago | securityboulevard.com
adversaries amp att attack +22
RSAC 2024 Innovation Sandbox | RAD Security: New Solutions for Cloud-Native Anomaly Detection and Response 9 hours ago | securityboulevard.com
and response anomaly detection benchmark blog +23
External Penetration Testing: Cost, Tools, Steps, & Checklist 10 hours ago | securityboulevard.com
actions applications assets attacker +28
Continuous Risk Assessments Unify Healthcare Cybersecurity 12 hours ago | securityboulevard.com
advice aim assessments axio +18
How to Build a Phishing Playbook Part 4: Testing and Publishing 12 hours ago | securityboulevard.com
build data devops dynamic +11
Who Is Scattered Spider? 13 hours ago | securityboulevard.com
goal hacker hacker groups hackers +6
USPS Phishing Scams Generate Almost as Much Traffic as the Real Site 15 hours ago | securityboulevard.com
akamai bad bad actors cloud +41
Rubrik Sets Cyber Resiliency Course Following IPO 15 hours ago | securityboulevard.com
attack course cyber cyber resiliance +18

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Senior Security Engineer

@ Core10 | Nashville, Tennessee, United States - Remote
View on infosec-jobs.com

Security Operations Engineer I

@ Jamf | US Remote
View on infosec-jobs.com

IT Security ISSO Specialist (15.10)

@ OCT Consulting, LLC | Washington, District of Columbia, United States
View on infosec-jobs.com

Compliance Officer

@ Aspire Software | Canada - Remote
View on infosec-jobs.com

Security Operations Center (SOC) - AVP

@ Paytm | Noida, Uttar Pradesh
View on infosec-jobs.com
View more jobs