cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
SOLVED

Risk of cookies, trackers; Should clearing cache be part of IR.

JimLeary
Copper Contributor

‎Aug 06 2021 07:32 AM

‎Aug 06 2021 07:32 AM

Risk of cookies, trackers; Should clearing cache be part of IR.

DShield's Aug 5th, '21 article mentions cookies on a phishing page. It made me think if they should be considered for incident response. Example, defender alerts a user clicked a link. Proxy logs show they visited and no other traffic, referrals, posts, etc. The user didn't download the phishing document. Generally, analysis concludes the risk has ended, no further action to take. Yet, would a malicious site leverage cookies, trackers, and similar objects. Should incident response include clearing cookies and cache?

673 Views
0 Likes
1 Reply
Reply
1 Reply
best response confirmed by JimLeary (Copper Contributor)
Reza_Ameri

‎Aug 06 2021 07:47 AM

‎Aug 06 2021 07:47 AM

Solution

Re: Risk of cookies, trackers; Should clearing cache be part of IR.

Cookies have limit functionality, like they won't be able to inject code or harm your system. They will be able to track like your activity in the website and also in case there is a third-party cookie, in other websites they could keep track.
You don't have to concern about delete and removing Cookies.
The best strategy would be managing Cookies.
You could do it easily in Microsoft Edge using Group Policy, take a look at:
https://docs.microsoft.com/en-us/deployedge/microsoft-edge-policies
1 Like
Reply
1 best response

Accepted Solutions
best response confirmed by JimLeary (Copper Contributor)
Reza_Ameri

‎Aug 06 2021 07:47 AM

‎Aug 06 2021 07:47 AM

Solution

Re: Risk of cookies, trackers; Should clearing cache be part of IR.

Cookies have limit functionality, like they won't be able to inject code or harm your system. They will be able to track like your activity in the website and also in case there is a third-party cookie, in other websites they could keep track.
You don't have to concern about delete and removing Cookies.
The best strategy would be managing Cookies.
You could do it easily in Microsoft Edge using Group Policy, take a look at:
https://docs.microsoft.com/en-us/deployedge/microsoft-edge-policies

View solution in original post

1 Like
Reply