Diff for "なりすまし/account_pre-hijacking"

Differences between revisions 6 and 7

Contents

解説

/SSO Single Sign-On (SSO), federated identity management

Avinash Sudhodanan in collaboration with Andrew Paverd

New Research Paper: Pre-hijacking Attacks on Web User Accounts

https://msrc-blog.microsoft.com/2022/05/23/pre-hijacking-attacks/

if the attacker can create an account at a target service using the victim’s email address 
before the victim creates an account, 
the attacker could then use various techniques to put the account into a pre-hijacked state.

Pre-hijacked accounts: An Empirical Study of Security Failures in User Account Creation on the Web

https://arxiv.org/abs/2205.10174

https://arxiv.org/pdf/2205.10174.pdf 2205.10174.pdf

4 Account Pre-Hijacking Attacks

1. 解説

https://www.helpnetsecurity.com/2022/05/24/account-pre-hijacking/

CategoryDns CategoryWatch CategoryTemplate

MoinQ: なりすまし/account_pre-hijacking (last edited 2022-08-26 07:47:28 by ToshinoriMaeno)

-  ⇤ ← Revision 6 as of 2022-05-26 01:50:45 → 
  Size: 917
  Editor: ToshinoriMaeno
  Comment:
+   ← Revision 7 as of 2022-05-26 02:06:29 → ⇥
  Size: 1000
  Editor: ToshinoriMaeno
  Comment:
-Deletions are marked like this.
+Additions are marked like this.
 Line 31:
+== 解説 ==
https://www.helpnetsecurity.com/2022/05/24/account-pre-hijacking/

MoinQ: Diff for "なりすまし/account_pre-hijacking"

1. 解説