Another year, another new set of cybersecurity threats to overcome, outwit and mitigate. At the beginning of 2021, CISA (the U.S. Cybersecurity and Infrastructure Security Agency) informed the cybersecurity world of a spate of attacks targeting cloud environment configurations, supposedly occurring as a result of the increase in remote working.

Once you add to the mix the fact that corporate and personal devices were being used – often simultaneously – to access cloud services, the stage was set for various malicious actors to utilize an array of criminal tactics to access data. Alongside the usual brute-force login attempts and phishing attacks, there was a noted increase in what have become known as ‘pass-the-cookie’ attacks, a relatively new method of cybercrime that is worth becoming familiar with if you aren’t already. While the U.S. federal regulation of cookies goes some distance towards assisting with the mitigation of attacks, we need to stay updated and vigilant beyond that.

For better or worse, we’ve become used to cookies as an integral part of online life. You might be aware that, due to the way data is stored, selective cookie deletion can help to find better deals on flights and hotels. But when we start looking into the complexities and possibilities for cybercrime that cookies create, it becomes increasingly clear that attacks which rely on cookies can be used to compromise assets, steal data and reach deep into databases to access sensitive information.

In pass-the-cookie attacks, cyber criminals are able to use stolen ‘session’ cookies (also known as transient cookies) in order to authenticate themselves to web services, thus bypassing security measures like MFA because the session has, for all intents and purposes, been authenticated. It isn’t hard
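The reuse pattern described above, seen from the defender's side, as an added example that is not part of the original article: it binds each session to the client that completed MFA and flags later use of the same cookie from a different client. The log format, field names, event names and sample lines are constructed assumptions.

```python
# Constructed sample log (not real data).
# Assumed format: time,session id,event,client IP,user agent
SAMPLE_LOG = """\
2021-01-14T09:00:02Z,sess-a1,mfa_ok,198.51.100.7,Mozilla/5.0 (Windows NT 10.0) Chrome/87
2021-01-14T09:05:10Z,sess-a1,request,198.51.100.7,Mozilla/5.0 (Windows NT 10.0) Chrome/87
2021-01-14T09:06:00Z,sess-b2,mfa_ok,203.0.113.20,Mozilla/5.0 (Macintosh) Safari/14
2021-01-14T09:40:31Z,sess-a1,request,192.0.2.55,python-requests/2.25
2021-01-14T09:41:00Z,sess-b2,request,203.0.113.99,Mozilla/5.0 (Macintosh) Safari/14
2021-01-14T09:42:00Z,sess-c3,request,192.0.2.55,curl/7.68
"""


def find_cookie_reuse(log_text):
    """Return (time, session, reason) for sessions used by a client that did not log in."""
    bound = {}     # session id -> (ip, user agent) recorded when MFA completed
    findings = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        # Split on the first four commas only, so a comma in the user agent is kept.
        ts, sid, event, ip, ua = line.split(",", 4)
        if event == "mfa_ok":
            bound[sid] = (ip, ua)
            continue
        if sid not in bound:
            # A valid session with no recorded login: cookie came from somewhere else.
            findings.append((ts, sid, "no_login_seen"))
            continue
        orig_ip, orig_ua = bound[sid]
        changed = [name for name, old, new in
                   (("ip", orig_ip, ip), ("user_agent", orig_ua, ua)) if old != new]
        if changed == ["ip"]:
            # Lower confidence: roaming between networks is common for remote workers.
            findings.append((ts, sid, "ip_changed"))
        elif changed:
            # Higher confidence: the cookie is being presented by different client software.
            findings.append((ts, sid, "client_changed"))
    return findings


if __name__ == "__main__":
    for finding in find_cookie_reuse(SAMPLE_LOG):
        print(*finding)
```

Because MFA is only checked at login, a signal like this on the session itself is what shows a cookie being replayed; the same binding can also be enforced server-side by forcing re-authentication when the client context changes.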