Yahoo exploited read link

For discussions about security.
Post Reply
Message
Author
nooby
Posts: 10369
Joined: Sun 29 Jun 2008, 19:05
Location: SwedenEurope

Yahoo exploited read link

#1 Post by nooby »

http://www.wilderssecurity.com/showthre ... ost2148480
http://krebsonsecurity.com/2012/11/yaho ... tches-700/

[quote]A zero-day vulnerability in yahoo.com that lets attackers hijack Yahoo! email accounts and redirect users to malicious Web sites offers a fascinating glimpse into the underground market for large-scale exploits.

The exploit, being sold for $700 by an Egyptian hacker on an exclusive cybercrime forum, targets a “cross-site scripting
I use Google Search on Puppy Forum
not an ideal solution though
Top
User avatar
Barkin
Posts: 803
Joined: Fri 12 Aug 2011, 04:55

#2 Post by Barkin »

Supposedly the NoScript addon for FireFox offers protection against XSS attacks ... http://noscript.net/features#xss
Top
User avatar
Monsie
Posts: 631
Joined: Thu 01 Dec 2011, 07:37
Location: Kamloops BC Canada

Yahoo exploited read link

#3 Post by Monsie »

The thing is... there have been many vulnerabilities discovered involving cross-site scripting which have been fixed to date as explained here. So, I am thinking that this must be a new security risk that will have to be addressed. Unfortunately, it doesn't appear to be a "one size patch fixes all" kind of problem.

Monsie
My [u]username[/u] is pronounced: "mun-see". Derived from my surname, it was my nickname throughout high school.
Top
Post Reply

Return to “Security”