Security Questions

Hi, Can a session token attack affect TG? also does TG collect any data? How does a infected with a ransomware PC affect twingate? or a nas drive? can a ransomware remotely encrypt the NAS?

Hi @sbaksh, there’s not enough detail in your question for us to respond:

  • Can you clarify what you mean by ‘session token attack’ - which session token are you concerned about and what type of attack scenario?
  • Twingate does collect data, for types of information we collect please refer to our Privacy page: Privacy Policy | Twingate
  • Twingate can’t prevent ransomeware attacks, however if you use access controls to restrict the resources that a user can access then it can impede ransomeware spreading through your network.
  • As far as NAS drives go, if ransomeware can reach your NAS and exploit a vulnerability in it, then it could suffer a breach.

Hi Emrul, Thanks for that response.

Lets say someone gain access to my computer, hijack my cookies, can this effect me? somone can log into my account and gain access to my entire network.

thx

Hi @sbaksh, we have mitigations against session hijacking (as do the identity providers we use) and we have device security to bind credentials to your physical machine (if you use a Trusted Device requirement). If someone has access to your device while you’re logged in then a determined attacker might only be slowed down by these protections so we always suggest applying good security practices such as running realtime malware protections and keeping your operating system up to date, etc.