English Deutsch Español Français Italiano Portuguese Čeština Ελληνικά 中文(简体) 中文 (繁體) Tiếng Việt 日本語 ภาษาไทย Русский Български Nederlands Svenska Norsk Dansk Suomi

McAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams

SPAMfighter is

Microsoft Gold Certified Partner

SPAMfighter also

Works with Windows Vista

SPAMfighter Exchange Module is Microsoft certified ".net connected".

Microsoft .NET Connected

Two Critical Flaws Found in Yahoo

Security researcher Aditya K. Sood has alleged that a couple of serious redirection and phishing vulnerabilities have been detected in Yahoo network. Mr. Sood posted this on a security advisory for public reference.

The attacker could manipulate the URL linked to Yahoo website and redirect traffic to use it for phishing. The seriousness of this is that a third party could call the URL for a phishing activity.

According to Sood the entire Yahoo network is susceptible to this style of cyber attack. But the researcher also said that after Yahoo patched the flaw quickly in just 24 hours.

Sood also reported a second phishing attack, which is still not fixed by Yahoo. He alleged that this attack relates to the Yahoo search core network.

In this, the links lead to searches for the next page. Here too phishers can manipulate it and divert traffic and exploit the Yahoo search engine to launch phishing attacks, Sood explained in his advisory. He said the vulnerability disturbs the Yahoo search engine in totality, as per news published by Enterpriseitplanet.com on June 26, 2007.

This security flaw is the most recent one to stir the giant website where businesses and consumers are entrusting with excessive amount of sensitive information relating to e-mail, address books and calendar entries.

Meagan Busath, spokesperson for Yahoo, said that Yahoo knows about the flaw. She said that Yahoo is earnest about the security of the site and its users. The search giant always implements the necessary steps to protect its consumers. The search engine is particularly aware of the phishing problem because it connects to the phishing industry at broader level. Busath assured that Yahoo is working on a fix, as reported by News.millersmiles.co on June 23, 2007.

Early in June 2007, Yahoo Inc. stepped into trouble when a Yahoo spokeswoman, Terrell Karlsten, revealed too many specifics about an exploit code that attacked Yahoo Messenger. The information that she divulged was sufficient for the hacker to launch his exploit codes. The hacker issued two ActiveX exploit codes specifically to Webcam application on the Full Disclosure mailing list of Yahoo Messenger. However, Yahoo released the required patch for the exploits.

» SPAMfighter News - 11-07-2007

SPAMfighter box shot

SPAMfighter is a free spam filter for Outlook, Outlook Express,Windows Mail and Thunderbird - Read more

Slow PC? Try SLOW-PCfighter

Optimize your Slow PC for better performance. Try FREE scan now.

 

Exchange spam filter

SPAMfighter Exchange Module is a spam/virus filter for Exchange server - Free 30 days trial

 

Spyware remover

Remove Spyware with SPYWAREfighter - Free 30 days trial

<<<>>>