SECURITYBLEEPING COMPUTER
The silent “Storm”: New infostealer hijacks sessions, decrypts server-side
A new infostealer named 'Storm' bypasses local decryption by transmitting browser data to attacker servers. Varonis demonstrates how server-side decryption enables session hijacking, circumventing passwords and multi-factor authentication (MFA).
Mentioned