A new exploit being sold for $700 may put tens of millions of Yahoo Mail users at risk. Once victims click on a malicious email link, the exploit allows an attacker to steal and replace tracking cookies, while remotely controlling the victims’ browsing sessions. “After the victim clicks the link, he will be redirected to the email page again,” a demonstration video for the hack explained. “And you can redirect him to wherever you want.” According to Yahoo, fixing the exploit won’t be nearly as difficult as finding it. That’s because it’s an XSS flaw set off by a URL, a hole that can easily be patched, but hard to locate. Read the full story at Mashable.
$700 Hack Threatens Millions of Yahoo Mail Users
Author: Shelly Palmer
Shelly Palmer is Fox 5 New York's On-air Tech Expert (WNYW-TV) and the host of Fox Television's monthly show Shelly Palmer Digital Living. He also hosts United Stations Radio Network's, Shelly Palmer Digital Living Daily, a daily syndicated radio report that features insightful commentary and a unique insiders take on the biggest stories in technology, media, and entertainment. He is Managing Director of Advanced Media Ventures Group, LLC an industry-leading advisory and business development firm and a member of the Executive Committee of the National Academy of Television Arts & Sciences (the organization that bestows the coveted Emmy® Awards).