In recent months, a new trend has emerged in the criminal underground of the internet: The theft of session cookies on victims’ end devices to gain unauthorised access to all kinds of accounts, including Atlassian accounts. These session cookies are then traded and shared in criminal circles. To mitigate this risk and offer better security against this, Atlassian now runs automated monitoring with regard to stolen session cookies and invalidates them, rendering them useless to the hacker. And customers also have new tools at hand to counter this threat.