all InfoSec news
Behind the Breach: Pass-The-Cookie Beyond IdPs
Security Boulevard securityboulevard.com
Pass-The-Cookie (PTC), also known as token compromise, is a common attack technique employed by threat actors in SaaS environments. In the past, Obsidian’s Threat Research team noted a pattern where most PTC attacks focused on stealing the identity provider (IdP) primary authentication cookie. However, there has since been a shift in attacks–now targeting authentication cookies […]
The post Behind the Breach: Pass-The-Cookie Beyond IdPs appeared first on Obsidian Security.
The post Behind the Breach: Pass-The-Cookie Beyond IdPs appeared first …
attack attacks authentication beyond breach compromise cookie environments featured identity identity provider idp idps noted obsidian pass passthecookie ptc research saas saas security security guidance session hijacking stealing targeting team threat threat actors threat research token token theft