Yahoo Moves Quickly To Plug Phishing Hole

Latest News | News Archive |

Posted by: Tweaker
Date added: 21:27, 25th June 2007 GMT
Source: Internet News

Security Researcher Aditya K Sood is alleging that Yahoo was at risk from a pair of critical phishing and redirection vulnerabilities. According to Sood, the first vulnerability could have allowed certain specific URLs linked on the Yahoo network websites to be manipulated to redirect traffic for a malicious purpose like phishing. The researcher alleged that the whole Yahoo network was vulnerable to this type of attack but claims that the issue was reported and patched by Yahoo within 24 hours.

There is a second phishing issue that Sood has also reported which has not yet been fixed by Yahoo. Sood alleged that the second issue is specific to the Yahoo Search core network: "The links provide for the search to next page can be manipulated by the phishers to redirect traffic and use yahoo search engine for phishing. The vulnerability affects the yahoo search engine at full." Yahoo spokesperson Meagan Busath confirmed that Yahoo is aware of the issue: "Yahoo takes security seriously and consistently employs measures to help protect our users. We are aware of this particular issue as it relates to the broader industry wide issue of phishing, and are working towards a fix."

  Tools: Post a comment | Link to this news item | Send to a friend | Submit News

Error: You are not logged in.

In order to leave comments to news articles you must be a Cyber Tech Help Member.

Registration is completely free!    Register to become a member

Along with access to leave comments to news articles you will be able to ask any computing questions you might have on the Cyber Tech Help Forums.

[  To top | Latest News | News Archive | ]