PC World

Cookie handling in browsers can break HTTPS security

Cookies, the files that websites create in browsers to remember logged-in users and track other information about them, could be abused by attackers to extract sensitive information from encrypted ...
Infosecurity-magazine.com

Web Cookies Open the Door to Remote Site Compromise

Attention, webmasters: Insecure website cookies set via HTTP requests may allow a remote attacker to obtain private information from a victim's HTTPS session, warns DHS-CERT. The problem is this: A ...
Threat Post

New Attacks Recall Old Problems with Browser Cookies

DHS CERT published an alert prompted by a paper delivered at USENIX regarding the security of browser cookies. In case didn’t know or need a reminder, browser cookies aren’t exactly impervious to ...