BF-SIRT Newsletter 2017-09

The top stories from this week consist of stories about Yahoo Revealing ANOTHER 32 Million Accounts Were Hacked Using ‘Cookie Forging Attack’ and Google’s Project Zero reveals another Microsoft flaw in IE and Edge.

You can also read about the process Detectify when through to create an exploit stealing your private Slack tokens or how webpages can turn kids’ stuffed toys into creepy audio bugs.

Top 5 Security Links
Yahoo Revealing 32 Million Accounts Were Hacked Using ‘Cookie Forging Attack’
Google’s Project Zero reveals another Microsoft flaw in IE and Edge
Hacking Slack using postMessage and WebSocket-reconnect
Webpages can turn kids’ stuffed toys into creepy audio bugs
Critical Flaw in ESET Antivirus Exposes Mac Users to Remote Hacking