Episode 133: How Cyber Attackers Steal Credentials & Hijack Sessions

Credential theft and session hijacking are rapidly evolving threats, with attackers using increasingly advanced tactics to compromise identities in the cloud. In this episode, Spencer and Tyler break down how these attacks work, why they’re effective, and what you can do to defend your organization.

  • How modern attackers steal credentials and hijack sessions, especially using phishing and info stealer malware
  • The mechanics of session cookies, and why stealing them bypasses MFA protections
  • New attack vectors including rogue apps, OAuth abuse, and business email compromise via Teams and email
  • Detection techniques, including monitoring for dangerous user agents and abnormal login patterns
  • Practical defensive strategies—like conditional access policies, session token protections, DMARC, and user security training—to mitigate session theft and credential compromise

Recommended Conditional Access Policies to protect against account compromise: https://x.com/techspence/status/1919815226158932119

Blog: https://offsec.blog/
YouTube: https://www.youtube.com/@cyberthreatpov
Twitter: https://x.com/cyberthreatpov

Spencer’s Twitter: https://x.com/techspence
Spencer’s LinkedIn: https://linkedin.com/in/SpencerAlessi

Work with Us: https://securit360.com