The “Surf Jack” security tool demonstrates a security flaw found in many public sites. The proof of concept tool allows testers to steal session cookies on HTTP and HTTPS sites that do not set the Cookie secure flag.
For a paper with detailed information go here.
Reading our newsletter every Monday will keep you up-to-date with security news.
Receive a daily digest of the latest security news.