Archive for the "Hacking" Category

Session Fixation

A major concern regarding session security is keeping the session identifier secret. Session hijacking can only really be carried out if this is not kept secret. With a valid session identifier an attacker may find it very straight forward to gain access and impersonate users. Obtaining valid sessions can be very simple, but there are [...]

Read More ›