Yahoo breach highlights cookie security issues
Last year Yahoo reported several data breaches occurring between 2013 and 2016 which affected a large number of user accounts. Personal information stolen could have included email addresses, telephone numbers, dates of birth, hashed passwords and encrypted or unencrypted security questions and answers.
Following forensic investigations Yahoo has revealed that fake cookies were a probable method used by attackers to access user accounts…
Link: Weekly Threat Report 10th March 2017
Source: NCSC Reports
