Submission + - New Tool Automates Webmail Account Hijacks (washingtonpost.com) 1
andrewd18 writes: "According to the Washington Post's Security Fix blog, a tool was debuted at the Black Hat conference that makes it simple to hijack webmail services over a wireless network. While the dangers of unencrypted data transfer on a public wireless network have been around for some time, this tool presents the first example of an automated webmail hijack. Since the tool uses a cookie based attack, it works whether or not the user changes his or her password. This tool could potentially automate the attack of any user on a wireless network, so long as the website the user logs into does not encrypt its login information."