OnDemand | 5 Ways to Hijack Identities by Abusing the Chromium Browsers
Our web browsers, which seemingly know everything about us, are prime targets for credential stealing and session hijacking attacks. Although this has been a common practice for years, the adoption of SaaS services have made browser-based attacks more prevalent than ever. Like updating passwords on a regular basis, clearing web browser cookies is a cyber hygiene practice neglected by most. If hijacked, these cookies enable attackers to bypass Multi-Factor Authentication (MFA) and Single Sign-on (SSO) security measures and gain access to critical business applications and data. Threat actors can use this technique as a jumping point to deploy malicious code, social engineer and further carry out their attack.
Join us for a demonstration in how cookies and session IDs can be stolen with ease and how CyberArk Endpoint Privilege Manager (EPM) credential theft protection can prevent these attacks. We'll also discuss:
- Understanding of various credential and cookie theft attack vectors, including several new tactics discovered by CyberArk Labs researchers;
- A few real-life examples of how these techniques continue to be the key for high profile breaches;
- How CyberArk EPM threat prevention policies prevent cookie, passwords and security tokens theft on your endpoints.