Online accounts getting hijacked and misused is an everyday occurrence, but did you know that account pre-hijacking attacks are also possible? Inspired by previous research on preemptive account hijacking by way of single sign-on (SSO) technology, researchers Avinash Sudhodanan and Andrew Paverd wanted to see whether an action by an attacker performed before a victim creates an account may allow the former to gain access to it once the the victim has created/recovered the account. … More
The post Account pre-hijacking attacks possible on many online services appeared first on Help Net Security.