Session hijacking

Picture1 3

From PyPI to the Dark Marketplace: How a Malicious Package Fuels the Sale of Telegram Identities

| | applications, imperva, Imperva Threat Research, PyPI, Session hijacking, tdata, Telegram, thales, Threat Research
Introduction In today’s digital era, security breaches can occur in the blink of an eye. Telegram Desktop is renowned for its secure, user-friendly messaging interface, but what if the data used to ...
Blog
Astaroth: A New 2FA Phishing Kit Targeting Gmail, Yahoo, AOL, O365, and 3rd-Party Logins

Astaroth: A New 2FA Phishing Kit Targeting Gmail, Yahoo, AOL, O365, and 3rd-Party Logins

| | 2fa, 2FA bypass, Astaroth, bec, credential theft, cybercrime, Cybersecurity, Email Protection, MFA, Microsoft 365, Phishing, phishing attack, Phishing Attacks, phishing kit, phishing kits, reverse proxy, Session hijacking, social engineering, Threat Discovery, two factor authentication
Phishing attacks continue to evolve, pushing even the most secure authentication methods to their limits. First advertised on cybercrime networks in late January 2025, Astaroth is a brand new phishing kit that ...
SlashNext
Astaroth: A New 2FA Phishing Kit Targeting Gmail, Yahoo, AOL, O365, and 3rd-Party Logins

Astaroth: A New 2FA Phishing Kit Targeting Gmail, Yahoo, AOL, O365, and 3rd-Party Logins

| | 2fa, 2FA bypass, Astaroth, bec, credential theft, cybercrime, Cybersecurity, Email Protection, MFA, Microsoft 365, Phishing, phishing attack, Phishing Attacks, phishing kit, phishing kits, reverse proxy, Session hijacking, social engineering, Threat Discovery, two factor authentication
Phishing attacks continue to evolve, pushing even the most secure authentication methods to their limits. First advertised on cybercrime networks in late January 2025, Astaroth is a brand new phishing kit that ...
SlashNext
Behind the Breach: Pass-The-Cookie Beyond IdPs

Behind the Breach: Pass-The-Cookie Beyond IdPs

| | FEATURED, passthecookie, PTC attack, SaaS Security, Security Guidance, Session hijacking, Token theft
Pass-The-Cookie (PTC), also known as token compromise, is a common attack technique employed by threat actors in SaaS environments.  In the past, Obsidian’s Threat Research team noted a pattern where most PTC ...
Obsidian Security
Behind the Breach: Pass-The-Cookie Beyond IdPs

Behind the Breach: Pass-The-Cookie Beyond IdPs

| | FEATURED, passthecookie, PTCattack, SaaS Security, Security Guidance, Session hijacking, Token theft
Pass-The-Cookie (PTC), also known as token compromise, is a common attack technique employed by threat actors in SaaS environments.  In the past, Obsidian’s Threat Research team noted a pattern where most PTC ...
Obsidian Security
â„¢

Securing Against OAuth Exploitation: A Step-By-Step Guide

| | , FEATURED, Microsoft 365 security, Oauth Application Abuse, SaaS Security, SaaS security posture, Security Guidance, Session hijacking, SSPM
Recent findings from Microsoft Threat Intelligence reveal a concerning trend: threat actors exploiting vulnerabilities in Microsoft 365 and Azure environments to execute attacks, with a focus on OAuth application abuse. In this ...
Obsidian Security

Obsidian’s 2023 SaaS Security Predictions

| | 2023 security trends, FEATURED, privacy laws, SaaS Security, Security Advisories, Security Trends, Session hijacking, Token theft
SaaS security goes prime time in 2023 High-profile cyber attacks at Okta, Hubspot, and others in 2022 suggest bad actors are continuing to put more energy into targeting SaaS. Indeed, it is ...
Obsidian Security

SaaS Security Soars at Fal.Con 2022

| | CrowdStrike, Fal.Con, FEATURED, SaaS Security, Security Guidance, Session hijacking
At the end of September, the Obsidian team attended this year’s CrowdStrike Fal.Con cybersecurity conference in Las Vegas as part of the New Innovator’s Pavillion showcase. It was a great opportunity to ...
Obsidian Security
A Deep Dive into SaaS Session Hijacking

A Deep Dive into SaaS Session Hijacking

| | Data Science & AI, Identity provider, Man In The Middle, SaaS Security, Session hijacking, Token theft
In a previous blog, we introduced the growing threat of session hijacking and explained just how dangerous and discrete these attacks can be. Today, in the second part of our series, we’ll ...
Obsidian Security