Difficult to categorize as a service Yahoo Mail Aamaal safe, especially after the mother company Yahoo to offer a huge breakthrough 500 million expense for a breakthrough in 2014, and their silence about it and hide it from users, where we did not discover until recently it this year.
Yahoo actually pretty bad with regard to the security aspect as reports show year after year.
The researcher Jouko Pynnonen the discovery of a critical gap-type ( cross-site scripting (XSS in your Yahoo Mail service as simply and literally enables access to any Yahoo account and read incoming messages freely tray.
Yahoo this time and unusually had to patch the gap last week was awarded a researcher $ 10 thousand dollars, according to its own program of bonuses.
No need for any movement of the user.
The researcher explains that it was possible the attacker Nafud (infiltration) any by just by bypassing the HTML for Yahoo filters using the links hide malicious JavaScript BB.
The worst that users were not able to overcome the gap in any way, Vaanaatat such as the lack of pressure on the links bomb or something else like that were not of benefit, hackers only need to send a message body look attractive to be penetrating the victim only once you open the message to read without pressure on anything or answer ...
It is worth mentioning that it was informed Yahoo Vulnerability in 12 of Novmr not been patched only in day 29 of the same month, and the strange thing is that the same security researcher has discovered a loophole -nakl it was similar in risk - the last year of the same type, ie , XSS, such that anything it shows notsecurity aspect Mbalat company also said thatlot of relevant sites
0 Comments