Online accounts getting hijacked and misused is an everyday occurrence, but did you know that account pre-hijacking attacks are also possible? Inspired by previous research on preemptive account hijacking by way of single sign-on (SSO) technology, researchers Avinash Sudhodanan and Andrew Paverd wanted to see whether an action by an attacker performed before a victim creates an account may allow the former to gain access to it once the the victim has created/recovered the account.
Read full article on Help Net Security