For a while now, Errata Security has beaten their chest telling the world about their new attack: Side-jacking. Anyone who has been in the computer security industry longer than 6 months know this attack has been around for a very long time. It was discovered back in the 1990's and is named session hijacking. The idea is simple, guess or grab session identifiers and re-use them to hijack a users session. Just because you write a new tool to make the attack simpler doesn't magically make it a new attack.
What makes all this even more interesting is that Errata Security seems to be aware of this. All comments on their blog are moderated and any comment trying to set the record straight never makes it to the page. Interesting, huh?
Tuesday, August 21, 2007
Subscribe to:
Posts (Atom)