{"id":3418,"date":"2024-05-06T05:00:00","date_gmt":"2024-05-06T10:00:00","guid":{"rendered":"https:\/\/cyberscoop.com\/?p=80346"},"modified":"2024-05-06T05:00:00","modified_gmt":"2024-05-06T10:00:00","slug":"stealing-cookies-researchers-describe-how-to-bypass-modern-authentication","status":"publish","type":"post","link":"https:\/\/ddi.mohflo.net\/index.php\/2024\/05\/06\/stealing-cookies-researchers-describe-how-to-bypass-modern-authentication\/","title":{"rendered":"Stealing cookies: Researchers describe how to bypass modern authentication"},"content":{"rendered":"<p><head> <meta charset=\"UTF-8\"> <meta name=\"viewport\" content=\"width=device-width, initial-scale=1\"> <meta name=\"robots\" content=\"index, follow, max-image-preview:large, max-snippet:-1, max-video-preview:-1\"> <!-- This site is optimized with the Yoast SEO Premium plugin v21.7 (Yoast SEO v21.7) - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ --> <title>Stealing cookies: Researchers describe how to bypass modern authentication | CyberScoop<\/title> <link rel=\"canonical\" href=\"https:\/\/cyberscoop.com\/stealing-cookies-researchers-describe-how-to-bypass-modern-authentication\/\"> <meta property=\"og:locale\" content=\"en_US\"> <meta property=\"og:type\" content=\"article\"> <meta property=\"og:title\" content=\"Stealing cookies: Researchers describe how to bypass modern authentication\"> <meta property=\"og:description\" content=\"Passwordless authentication standards have improved identity security, but new research indicates this technology is vulnerable to token hijacks and man-in-the-middle attacks.\"> <meta property=\"og:url\" content=\"https:\/\/cyberscoop.com\/stealing-cookies-researchers-describe-how-to-bypass-modern-authentication\/\"> <meta property=\"og:site_name\" content=\"CyberScoop\"> <meta property=\"article:published_time\" content=\"2024-05-06T10:00:00+00:00\"> <meta property=\"article:modified_time\" content=\"2024-05-04T16:46:49+00:00\"> <meta property=\"og:image\" 
content=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/05\/stealing-cookies-researchers-describe-how-to-bypass-modern-authentication-2.jpg\"> <meta property=\"og:image:width\" content=\"2121\"> <meta property=\"og:image:height\" content=\"1414\"> <meta property=\"og:image:type\" content=\"image\/jpeg\"> <meta name=\"author\" content=\"djohnson\"> <meta name=\"twitter:card\" content=\"summary_large_image\"> <!-- \/ Yoast SEO Premium plugin. --> <link rel=\"dns-prefetch\" href=\"\/\/securepubads.g.doubleclick.net\">\n<link rel=\"dns-prefetch\" href=\"\/\/use.typekit.net\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb Feed\" href=\"https:\/\/cyberscoop.com\/feed\/\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb Comments Feed\" href=\"https:\/\/cyberscoop.com\/comments\/feed\/\"> <link rel=\"stylesheet\" id=\"all-css-2\" href=\"https:\/\/cyberscoop.com\/wp-includes\/css\/dist\/block-library\/style.min.css?m=1712700738g\" type=\"text\/css\" media=\"all\"> <link rel=\"stylesheet\" id=\"all-css-6\" href=\"https:\/\/cyberscoop.com\/wp-content\/mu-plugins\/search\/elasticpress-next\/dist\/css\/related-posts-block-styles.min.css?m=1713212360g\" type=\"text\/css\" media=\"all\"> <link rel=\"stylesheet\" id=\"all-css-8\" href=\"https:\/\/cyberscoop.com\/wp-content\/themes\/scoopnewsgroup\/dist\/css\/frontend.css?m=1712858261g\" type=\"text\/css\" media=\"all\">\n<link rel=\"stylesheet\" id=\"typekit-css\" href=\"https:\/\/use.typekit.net\/itk2qbh.css?ver=74528d75ce0daeb8628a\" media=\"all\"> <link rel=\"https:\/\/api.w.org\/\" href=\"https:\/\/cyberscoop.com\/wp-json\/\"><link rel=\"alternate\" type=\"application\/json\" href=\"https:\/\/cyberscoop.com\/wp-json\/wp\/v2\/posts\/80346\"><link rel=\"EditURI\" type=\"application\/rsd+xml\" title=\"RSD\" href=\"https:\/\/cyberscoop.com\/xmlrpc.php?rsd\">\n<meta name=\"generator\" content=\"WordPress 6.5.2\">\n<link rel=\"shortlink\" 
href=\"https:\/\/cyberscoop.com\/?p=80346\">\n<link rel=\"alternate\" type=\"application\/json+oembed\" href=\"https:\/\/cyberscoop.com\/wp-json\/oembed\/1.0\/embed?url=https%3A%2F%2Fcyberscoop.com%2Fstealing-cookies-researchers-describe-how-to-bypass-modern-authentication%2F\">\n<link rel=\"alternate\" type=\"text\/xml+oembed\" href=\"https:\/\/cyberscoop.com\/wp-json\/oembed\/1.0\/embed?url=https%3A%2F%2Fcyberscoop.com%2Fstealing-cookies-researchers-describe-how-to-bypass-modern-authentication%2F&amp;format=xml\"> <!-- Google Tag Manager --> <!-- End Google Tag Manager --> <link rel=\"icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=32\" sizes=\"32x32\">\n<link rel=\"icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=192\" sizes=\"192x192\">\n<link rel=\"apple-touch-icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=180\">\n<meta name=\"msapplication-TileImage\" content=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=270\"> <\/head><body class=\"post-template-default single single-post postid-80346 single-format-standard\" id=\"readabilityBody\"> <a href=\"https:\/\/cyberscoop.com\/stealing-cookies-researchers-describe-how-to-bypass-modern-authentication\/#main\" class=\"skip-to-content-link visually-hidden-focusable\">Skip to main content<\/a> <\/p>\n<div class=\"ad ad--top ad--top-desktop\">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p> <main id=\"main\" role=\"main\" tabindex=\"-1\"> <\/p>\n<div class=\"ad ad--top ad--top-mobile\">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<section id=\"stickybar\" class=\"stickybar stickybar--newsletter js-stickybar\" readability=\"0.82\"> <button class=\"stickybar__close 
js-stickybar-close\" aria-controls=\"stickybar\"> <svg class=\"icon icon--close\" width=\"21\" height=\"22\" viewBox=\"0 0 21 22\" fill=\"none\"><path d=\"m.822.518-.805.805L9.695 11 .017 20.678l.805.805 9.678-9.678 9.677 9.678.806-.805L11.305 11l9.678-9.677-.806-.805-9.677 9.677L.822.518Z\" fill=\"currentColor\" \/><\/svg> <span class=\"visually-hidden\">Close<\/span> <\/button> <\/section>\n<article class=\"single-article content\">\n<div class=\"single-article__container js-single-article-content\">\n<header class=\"single-article__header \" readability=\"24.48231511254\">\n<div class=\"single-article__header-content\" readability=\"30.668918918919\">\n<ul class=\"single-article__eyebrow\">\n<li class=\"single-article__category\"> <a class=\"single-article__category-link\" href=\"https:\/\/cyberscoop.com\/news\/cybersecurity\/\"> <span>Cybersecurity<\/span> <\/a> <\/li>\n<\/ul>\n<p> Passwordless authentication standards have improved identity security, but new research indicates this technology is vulnerable to token hijacks and man-in-the-middle attacks. 
<\/p>\n<\/p><\/div>\n<div class=\"single-article__cover-wrap\">\n<figure class=\"single-article__cover\"> <img data-recalc-dims=\"1\" fetchpriority=\"high\" width=\"640\" height=\"426\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/05\/stealing-cookies-researchers-describe-how-to-bypass-modern-authentication.jpg?resize=640%2C426&#038;ssl=1\" class=\"single-article__cover-image wp-post-image\" alt decoding=\"async\" fetchpriority=\"high\" srcset=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/05\/stealing-cookies-researchers-describe-how-to-bypass-modern-authentication-2.jpg 2121w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/05\/stealing-cookies-researchers-describe-how-to-bypass-modern-authentication-2.jpg?resize=300,200 300w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/05\/stealing-cookies-researchers-describe-how-to-bypass-modern-authentication-2.jpg?resize=768,512 768w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/05\/stealing-cookies-researchers-describe-how-to-bypass-modern-authentication-2.jpg?resize=1024,683 1024w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/05\/stealing-cookies-researchers-describe-how-to-bypass-modern-authentication-2.jpg?resize=1536,1024 1536w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/05\/stealing-cookies-researchers-describe-how-to-bypass-modern-authentication-2.jpg?resize=2048,1365 2048w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/05\/stealing-cookies-researchers-describe-how-to-bypass-modern-authentication-2.jpg?resize=600,400 600w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/05\/stealing-cookies-researchers-describe-how-to-bypass-modern-authentication-2.jpg?resize=252,168 252w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/05\/stealing-cookies-researchers-describe-how-to-bypass-modern-authentication-2.jpg?resize=506,337 506w, 
https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/05\/stealing-cookies-researchers-describe-how-to-bypass-modern-authentication-2.jpg?resize=1013,675 1013w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/05\/stealing-cookies-researchers-describe-how-to-bypass-modern-authentication-2.jpg?resize=1265,843 1265w\" sizes=\"(max-width: 1013px) 100vw, 1013px\"><figcaption> (Getty Images) <\/figcaption><\/figure>\n<\/p><\/div>\n<\/header>\n<div class=\"single-article__content\">\n<div class=\"single-article__content-inner has-drop-cap\"> <html readability=\"70.669941328967\"><body readability=\"142.47230019205\"><\/p>\n<p>Passwords and other knowledge-based forms of authenticating user identity continue to be a weak point in the security of digital systems.&nbsp;<\/p>\n<p>Stolen credentials have been a factor in nearly a third of all breaches tracked by Verizon over the past decade, according to its recently released <a href=\"https:\/\/www.verizon.com\/business\/resources\/reports\/dbir\/?CMP=OOH_SMB_OTH_22222_MC_20200501_NA_NM20200079_00001\">Data Breach Investigations Report<\/a>. They\u2019re also the first thing most attackers are likely to look for after gaining initial access, highlighting the central role that passwords and other credentials have come to play in modern compromises.<\/p>\n<p>That development has led to the rise in popularity of more modern authentication methods and standards like FIDO2, which verifies users via unique cryptographic credentials generated by and tied to hardware devices, like a smartphone or desktop. This form of authentication does not rely on passwords, instead pairing a security key or biometric ID on a hardware device with multifactor authentication to access applications through a single sign-on (SSO) solution.<\/p>\n<p>But even these protections can be sidestepped in some circumstances by a determined attacker. 
In <a href=\"https:\/\/streaklinks.com\/B88zoLD9PZSaMynn8QuWOxo6\/https%3A%2F%2Fwww.silverfort.com%2Fblog%2Fusing-mitm-to-bypass-fido2%2F\">research<\/a> shared exclusively with CyberScoop ahead of this week\u2019s RSA Conference, Silverfort\u2019s Dor Segal and Yiftach Keshet laid out a method for bypassing this form of authentication, via a man-in-the-middle (MITM) attack capable of hijacking and replicating user sessions in many applications that use SSO solutions, including Microsoft Entra ID and PingFederate.<\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>Standards like FIDO2 were developed to protect users and businesses against phishing and MITM attacks, in large part by moving away from authentication factors \u2014 such as passwords \u2014 that <a href=\"https:\/\/cyberscoop.com\/federal-government-agency-social-media-security-multifactor-authentication\/\">can be stolen through hacking or social engineering<\/a> and replacing them with hardware, security keys or biometric signals that are much more difficult to obtain.<\/p>\n<p>But this method relies on third-party solutions, like SSO, that must create an authentication session to serve as a gateway between the user and the application they\u2019re accessing. 
While internet protocols like Transport Layer Security encrypt traffic on the front end of that process, those protections don\u2019t extend to the tokens and traffic sessions they are used to authenticate, which can linger and endure for hours.<\/p>\n<p>Tokens function like a digital key to keep a digital door ajar once it\u2019s been opened, and even when technology like FIDO2 is in use, an attacker situated between the victim and the application can intercept and re-use these session tokens to gain access to a user\u2019s account, Segal said.<\/p>\n<p>\u201cOnce the authentication has ended successfully, there is an entire authenticated session in which sensitive data is sent back and forth,\u201d Segal said. \u201cAnd this session token itself can be replicated over and over and over again, with no geographic protection or limitation on [the number of] tokens.\u201d<\/p>\n<p>Keshet said this kind of attack is possible because the most common implementation of standards like FIDO2 tends to offer strong protection during the authentication phase, but once a user is authenticated, there are few restrictions for what they can access with a valid session.<\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>This form of authentication \u201cmakes it very hard to get through the door, but once you\u2019ve got through the door, then you are fine,\u201d Keshet said. \u201cYou have the token of your firewall to authenticate it, then an attacker can hijack the session and replicate it and do whatever they want.\u201d<\/p>\n<p>Some necessary caveats: This kind of attack can only be pulled off in relatively narrow circumstances by a dedicated attacker. Segal said the user would need to have installed a malicious browser extension or be in transit and use public Wi-Fi where their traffic could be intercepted and decrypted through a MITM attack. 
That means an attack like this could only work under a limited set of conditions.<\/p>\n<p>While this method would allow an attacker to bypass protections offered by passwordless standards like FIDO2, Segal said it is ultimately the responsibility of application developers to prevent misuse of the session tokens they create. While Silverfort\u2019s research does point toward some holes in the overall process that standards like FIDO2 rely on, the researchers emphasized that such methods remain vastly superior to passwords and knowledge-based forms of identity protection.&nbsp;<\/p>\n<p>Jeremy Grant, a policy adviser at the FIDO Alliance who served as program lead during the Obama administration for the White House National Strategy for Trusted Identities in Cyberspace, told CyberScoop that the bypass methods outlined in the research are technically correct but do not reflect flaws or vulnerabilities in FIDO\u2019s authentication standards.<\/p>\n<p>Rather, it highlights the inability of industry to create a common way to protect authentication tokens from being stolen or abused.<\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>The type of attack described by Silverfort\u2019s research can be mitigated by a technique known as \u201c<a href=\"https:\/\/www.ietf.org\/proceedings\/91\/slides\/slides-91-uta-2.pdf\">token binding<\/a>,\u201d but the companies that maintain the ubiquitous applications that would need to be protected using this tool have failed to embrace it.&nbsp;&nbsp;<\/p>\n<p>Token binding works by adding an additional security layer, explicitly binding the authenticated session token to the underlying TLS handshake that is used to encrypt traffic on the front end. 
In practice, this means only the actual user would be able to use that token to access applications, and it would prevent an attacker from replicating that session indefinitely to maintain their access.<\/p>\n<p>\u201cThis will practically validate that the token can be used only within the context of this single, authenticated session [and] can\u2019t be used anywhere else,\u201d Keshet said.<\/p>\n<p>Major tech companies like Google, Microsoft, Yubico and others have embraced token binding in some of their products, but overall adoption remains low. The only major browser to support token binding is Microsoft Edge.<\/p>\n<p>In 2018, Chromium, an open-source web browser project maintained by Google that develops much of the underlying codebase for Google Chrome and other browsers, discontinued support for token binding, with developers citing limited benefits and low adoption rates.<\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>\u201cAfter weighing the security benefit of Token Binding against the engineering costs, maintenance costs, web compatibility risk, and adoption, it does not make sense to ship this feature,\u201d Chromium developer Nick Harper <a href=\"https:\/\/groups.google.com\/a\/chromium.org\/g\/blink-dev\/c\/OkdLUyYmY1E\/m\/w2ESAeshBgAJ\">wrote<\/a> at the time, citing metrics indicating that less than .01% of observed HTTPS requests had token binding turned on.<\/p>\n<p>Last month, Google <a href=\"https:\/\/blog.chromium.org\/2024\/04\/fighting-cookie-theft-using-device.html\">announced<\/a> it would be implementing a Beta version of what it called \u201cDevice Bound Session Credentials,\u201d which operate in a similar way by binding authentication sessions to specific devices, to protect against session and cookie theft in Chrome.<\/p>\n<p><\/body> <\/p>\n<footer class=\"single-article__footer\" readability=\"3.520572450805\">\n<div 
class=\"author-card\" readability=\"13\">\n<div class=\"author-card__avatar\">\n<figure class=\"author-card__image-wrap\"> <img data-recalc-dims=\"1\" decoding=\"async\" class=\"author-card__image\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/05\/stealing-cookies-researchers-describe-how-to-bypass-modern-authentication-1.jpg?w=640&#038;ssl=1\" alt=\"Derek B. Johnson\"> <\/figure>\n<\/p><\/div>\n<p><h4 class=\"author-card__name\">Written by Derek B. Johnson<\/h4>\n<p> Derek B. Johnson is a reporter at CyberScoop, where his beat includes cybersecurity, elections and the federal government. Prior to that, he has provided award-winning coverage of cybersecurity news across the public and private sectors for various publications since 2017. Derek has a bachelor\u2019s degree in print journalism from Hofstra University in New York and a master\u2019s degree in public policy from George Mason University in Virginia. <\/p>\n<\/p><\/div>\n<div class=\"single-article__tags-container\">\n<h4 class=\"single-article__tags-title\">In This Story<\/h4>\n<\/p><\/div>\n<\/footer>\n<p> <\/html><\/div>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"single-article__ads js-single-article-sidebar\">\n<div class=\"ad ad--sidebar js-single-article-sidebar-5 ad--rightrail_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div class=\"ad ad--sidebar js-single-article-sidebar-4 ad--rightrail_2 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div class=\"ad ad--sidebar js-single-article-sidebar-3 ad--rightrail_3 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div><\/div>\n<\/article>\n<div class=\"popular-stories popular-stories--single-post\">\n<div class=\"popular-stories__container\">\n<h2 class=\"popular-stories__title\"> More Scoops <\/h2>\n<p> <!-- .popular-stories__stories --> <\/div>\n<p><!-- 
.popular-stories__inner -->\n<\/div>\n<p><!-- .popular-stories --> <\/p>\n<section class=\"latest-podcasts\">\n<h2 class=\"latest-podcasts__title\"> Latest Podcasts\t<\/h2>\n<\/section>\n<div class=\"top-categories\">\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Government<\/h3>\n<\/p><\/div>\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Technology<\/h3>\n<\/p><\/div>\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Geopolitics<\/h3>\n<\/p><\/div>\n<\/p><\/div>\n<p> <\/main> <\/p>\n<div class=\"ad ad--bottom \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div id=\"interstitial\" class=\"welcome__container\"> <button id=\"close-modal-1\" class=\"welcome__clickable_area\"><\/button> <\/p>\n<div class=\"welcome__ad_wrapper\">\n<p> <button id=\"close-modal-3\" class=\"welcome__continue-button\">Continue to CyberScoop<\/button> <\/p>\n<\/p><\/div>\n<\/p><\/div>\n<p> <!-- Start of HubSpot Embed Code --> <!-- End of HubSpot Embed Code --> <\/body> <a href=\"https:\/\/cyberscoop.com\/stealing-cookies-researchers-describe-how-to-bypass-modern-authentication\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Stealing cookies: Researchers describe how to bypass modern authentication 
|<\/p>\n","protected":false},"author":11,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[1997,613,78,440,1998,435,1999],"tags":[2000,618,86,444,2001,438,2002],"class_list":["post-3418","post","type-post","status-publish","format-standard","hentry","category-access-tokens","category-authentication","category-cybersecurity","category-data-breaches","category-fido2","category-mitm","category-stolen-credentials","tag-access-tokens","tag-authentication","tag-cybersecurity","tag-data-breaches","tag-fido2","tag-mitm","tag-stolen-credentials"],"featured_image_urls":{"full":"","thumbnail":"","medium":"","medium_large":"","large":"","1536x1536":"","2048x2048":"","chromenews-featured":"","chromenews-large":"","chromenews-medium":""},"author_info":{"display_name":"Cyber Scoop","author_link":"https:\/\/ddi.mohflo.net\/index.php\/author\/cyberscoop\/"},"category_info":"<a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/access-tokens\/\" rel=\"category tag\">access tokens<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/authentication\/\" rel=\"category tag\">authentication<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/cybersecurity\/\" rel=\"category tag\">Cybersecurity<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/data-breaches\/\" rel=\"category tag\">data breaches<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/fido2\/\" rel=\"category tag\">FIDO2<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/mitm\/\" rel=\"category tag\">MITM<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/stolen-credentials\/\" rel=\"category tag\">stolen credentials<\/a>","tag_info":"stolen 
credentials","comment_count":"0","jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/3418","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/users\/11"}],"replies":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/comments?post=3418"}],"version-history":[{"count":0,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/3418\/revisions"}],"wp:attachment":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/media?parent=3418"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/categories?post=3418"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/tags?post=3418"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}