PERSISTENT COOKIES CAN PROVE TROUBLESOME FOR AWS
Source:-duo.com For both attackers and penetration testers, phishing has been a go-to move for about two decades and it continues to work quite well today. It’s a reliable way to harvest users’ credentials for all sorts of apps and services, including cloud platforms, and a researcher has discovered that some cookies used for authentication on Amazon Web Services remain valid even after the victim has changed the password and logged out of the account. That means that an attacker who
Read more