Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Share Post: Reddit Facebook
Here’s the Netflix account compromise Bugcrowd doesn’t want you to know about
#1
Quote: Weakness allows attackers to steal browser cookies used to authenticate Netflix users.

A Netflix security weakness that allows unauthorized access to user accounts over local networks is out of the scope of the company’s bug bounty program, the researcher who reported the threat said. 

Despite dismissing the report, the Bugcrowd vulnerability reporting service is trying to prevent public disclosure of the weakness.

The researcher's proof-of-concept exploit uses a classic man-in-the-middle attack to steal a Netflix session cookie. 


These browser cookies are the equivalent of a wristband that music venues use so paying customers aren’t charged an entrance fee a second time. Possession of a valid session cookie is all that’s required to access a target’s Netflix account. 

Continue reading HERE
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  Ransomware gangs are running riot and paying them off doesn't help Bjyda 0 1,352 02-18-2021 , 12:24 AM
Last Post: Bjyda
  Netflix account freeze – don’t click, it’s a scam! sidemoon 1 1,558 11-29-2019 , 09:06 PM
Last Post: Mike
  How to prevent business email compromise attacks tarekma7 0 1,130 11-23-2019 , 10:27 AM
Last Post: tarekma7
  Rare Steganography Hack Can Compromise Fully Patched Websites tarekma7 0 1,454 07-31-2019 , 12:31 AM
Last Post: tarekma7
Exclamation Supply chain compromise: Adding undetectable hardware Trojans to integrated circuits Mohammad.Poorya 0 1,607 12-11-2018 , 10:26 AM
Last Post: Mohammad.Poorya

Forum Jump:


Users browsing this thread: 1 Guest(s)