Dossier
session hijacking
Coverage of session hijacking in the Nexus archive.
- The silent “Storm”: New infostealer hijacks sessions, decrypts server-side
A new infostealer named 'Storm' bypasses local decryption by transmitting browser data to attacker servers. Varonis demonstrates how server-side decryption enables session hijacking, circumventing passwords and multi-factor authentication (MFA).