all InfoSec news
Pre-hijacked accounts: An Empirical Study of Security Failures in User Account Creation on the Web. (arXiv:2205.10174v1 [cs.CR])
May 23, 2022, 1:20 a.m. | Avinash Sudhodanan, Andrew Paverd
cs.CR updates on arXiv.org arxiv.org
The ubiquity of user accounts in websites and online services makes account
hijacking a serious security concern. Although previous research has studied
various techniques through which an attacker can gain access to a victim's
account, relatively little attention has been directed towards the process of
account creation. The current trend towards federated authentication (e.g.,
Single Sign-On) adds an additional layer of complexity because many services
now support both the classic approach in which the user directly sets a
password, and …
More from arxiv.org / cs.CR updates on arXiv.org
Jobs in InfoSec / Cybersecurity
SOC 2 Manager, Audit and Certification
@ Deloitte | US and CA Multiple Locations
Information Security Engineers
@ D. E. Shaw Research | New York City
Deputy Chief Information Security Officer
@ City of Philadelphia | Philadelphia, PA, United States
Global Cybersecurity Expert
@ CMA CGM | Mumbai, IN
Senior Security Operations Engineer
@ EarnIn | Mexico
Cyber Technologist (Sales Engineer)
@ Darktrace | London