Yahoo developer feature can be used to steal user data

Attackers can read emails, contacts and other private data from the accounts of Yahoo users who visit a malicious page by abusing a feature present on Yahoo’s Developer Network website, according to an independent security researcher.

A limited version of the attack was presented on Sunday at the DefCamp security conference in Bucharest, Romania, by a Romanian Web application bug hunter named Sergiu Dragos Bogdan.

Tags:

Yahoo

Security

Story added 4. December 2012, content source with full text you can find at link above.

Comments are closed.

More antivirus and malware news?

Resolved: Manually Enrolled courses can be requested in Canvas
Sacked IT guy annihilates 23 of his ex-employer’s AWS servers
Uber in Legal Crosshairs Over Hack Cover-up
Canvas will implement performance update from 5 to 7 a.m. on Monday, October 15
Parliamentary insiders clean up MPs’ Wikipedia pages
New algorithm puts time-scrambled data into chronological order
Cisco IOx brings apps to network edge in latest Internet of Things play
Mandatory HTTP 2.0 encryption proposal sparks hot debate
S3 Ep 126: The price of fast fashion (and feature creep) [Audio + Text]
Polish president’s computer network attacked

Yahoo developer feature can be used to steal user data

More antivirus and malware news?

Ads

Security news

Malware

Security

IT security

About site

Search Terms Tips

Recent New Tips

Recent Posts