= = => CLICK HERE FOR OUR WEEKLY STEAM GAME GIVEAWAYS < = = =

We are big fans of AMD CPUs and highly recommend them but DO NOT BUY AMD graphics cards and APUs - THEIR DRIVERS ARE PATHETIC

SAY NO to automated censorship bans: BOYCOTT Ubisoft's Rainbow Six Siege. If you own the game, write a negative review about it.

Yahoo Flaw Allowed Hackers to Read Anyone's Emails

ET and Rust configuration guides, tips, bugs, etc., plus hardware, software, gaming and technology related subjects in general.
User avatar
Pedro-NF
Site Admin
Posts: 3154
Joined: 03 Nov 2010, 19:59
Location: Brazil
Contact:

Yahoo Flaw Allowed Hackers to Read Anyone's Emails

#1

Post by Pedro-NF » 09 Dec 2016, 19:20

Image

Yahoo Flaw Allowed Hackers to Read Anyone's Emails

Yahoo has patched a critical security vulnerability in its Mail service that could have allowed an attacker to spy on any Yahoo user's inbox.

Jouko Pynnönen, a Finnish Security researcher from security firm Klikki Oy, reported a DOM based persistent XSS (Cross-Site Scripting) in Yahoo mail, which if exploited, allows an attacker to send emails embedded with malicious code. In his blog post published today, the researcher demonstrated how a malicious attacker could have sent the victim's inbox to an external site, and created a virus that attached itself to all outgoing emails by secretly adding a malicious script to message signatures.

Since the malicious code is in the message's body, the code will get executed as soon as the victim opens the boobytrapped email and its hidden payload script will covertly submit victim's inbox content to an external website controlled by the attacker.

Source: The Hacker News


Image
Image

https://www.fightdogmeat.com
http://www.turnmeup.org
http://www.bitcoinpaypal.info

Twitter: @pedro_corbett

"Was he crazy!"
"Yeah, in a very special way. An Irishman."

(Once Upon A Time In The West, 1968)

Who is online

Users browsing this forum: No registered users and 3 guests