Скачать или смотреть Episode 133: How Cyber Attackers Steal Credentials & Hijack Sessions

Credential theft and session hijacking are rapidly evolving threats, with attackers using increasingly advanced tactics to compromise identities in the cloud. In this episode, Spencer and Tyler break down how these attacks work, why they're effective, and what you can do to defend your organization.

How modern attackers steal credentials and hijack sessions, especially using phishing and info stealer malware

The mechanics of session cookies, and why stealing them bypasses MFA protections

New attack vectors including rogue apps, OAuth abuse, and business email compromise via Teams and email

Detection techniques, including monitoring for dangerous user agents and abnormal login patterns

Practical defensive strategies—like conditional access policies, session token protections, DMARC, and user security training—to mitigate session theft and credential compromise