Breaking News : YAHOO has just released a security patch that prevents a serious bug which allowed hackers to read any email

Yahoo has just issued a security patch of a highly critical XSS (cross-site scripting) security vulnerability in its users’ email system that allowed hackers to read any email contents.

Who discovered this security flaw ?

Jouko Pynnonen, a famous cyber-security researcher lived in Finland first discovered this serious issue and reported it to Yahoo. Jouko Pynnonen also reported a serious bug in Yahoo last year that allowed hackers to hack any user’s account by using XSS (cross-site scripting) vulnerability. He was also awarded in $10,000 by Yahoo’s bug bounty program on Hackerone.

How does this bug work ?

Jouko Pynnonen has posted an article on his personal blog about how the bug works. He said that the bug existed in the email’s HTML filtering.
Jouko sent an email with various sorts of attachments to inspect the raw code in HTML (Hyper Text Markup Language) of that email. However, Yahoo has a protection to block malicious codes of these type HTML emails in its filtration process.

But, Jouko had succeeded to bypass this filtration process by sending a YouTube link in that email which allowed him to execute a JavaScript code. After executing this malicious JavaScript he was able to read victim’s email finally.

According to his statement :

“As long as the URL pointed to a white-listed website such as YouTube, it was not further sanity checked or encoded,” writes Pynnonen.

I’m still a Yahoo user. What can I do now to get rid off ?

Do not scare …. Yahoo has already fixed this poisonous flaw.

Sources for the news and further reading

https://www.hackread.com/yahoo-fixes-flaw-that-allowed-hackers-to-read-emails/

image credit

Tags : Bugs, Hacks, News, Security, Software, Yahoo,

This Post Was Published On My Steemit Blog. Please, navigate to steemit and cast a free upvote to help me if you like my post. First Time heard about Steemit ? Click Here To Know Everything About Steemit

$3 Donation [Fixed]

Donate

$Any Amount

Comments

Before A Heavy Rainfall

I clicked at the exact time ; after about 5 minutes rain started Location : Dakshineswar, Kolkata Snap taken : 02 August 2016 Camera : Xiaomi ; model - 2014818 Tags : Photography, Nature, Landscape photography, Flowers & Plants photography, Sky, This Post Was Published On My Steemit Blog . Please, navigate to steemit and cast a free upvote to help me if you like my post. First Time heard about Steemit ? Click Here To Know Everything About Steemit $3 Donation [Fixed] Donate $Any Amount

One Black & White Photograph Daily for 30 days - Day #25

green yard - behind of my village home Camera : Xiaomi Model : 2014818 Location : Bongaon, West Bengal, India Snap Taken : 14 March 2016 Tags : Black & White Photography, Flowers & Plants photography, Landscape photography, Nature, Photography, This Post Was Published On My Steemit Blog . Please, navigate to steemit and cast a free upvote to help me if you like my post. First Time heard about Steemit ? Click Here To Know Everything About Steemit $3 Donation [Fixed] Donate $Any Amount

What I Learnt Today : 10 Unknown Amazing Facts About Animals - Part CXXXIII

image credit (1) Japanese Macaques make snowballs for fun. (2) The chevrotain is an animal that looks like a tiny deer with fangs. (3) Turritopsis nutricula Immortal jellyfish is the only species known to live forever. (4) One million stray dogs and 500,000 stray cats live in New York City metropolitan area. Turritopsis nutricula Immortal jellyfish image credit (5) Nine-banded armadillos always give birth to identical quadruplets. (6) The flying frog uses flaps of skin between its toes to glide. (7) It takes a sloth two weeks to digest its food. Nine-banded armadillo flying frogs image credit (8) A narwhal tusk is actually an exaggerated front left tooth, and unlike most teeth, it's soft and sensitive on the outside with a tough interior. (9) Humpback whales create the loudest sound of any living creature. (10) The slowest mammal on earth is the tree sloth. It only moves at a speed of 6 feet (1.83 meters) per minute. slot...

Close Shot - Red Chili (Chili pepper)

Red Chili is one kind of fruit of plants from the genus Capsicum and species Frutescens. So, it's scientific name is Capsicum Frutescens . They are vastly used in all kinds of bengali curry and spicy dishes. They are also used in many cuisines to add spiciness to dishes. Nutrition Facts [per 100 gm] Total Calories 35 Fat 0% Cholesterol 0% Sodium 0% Potassium 10% Carbohydrate 2% Dietary fiber 6% Sugar 0% Protein 3% Vitamin A 19% Vitamin B-6 25% Vitamin C 240% Iron 5% Magnesium 5% Calcium 1% [Source of Nutrition info : wikipedia ] Location : Barasat, Kolkata, West Bengal Snap taken : 14 March 2018 Camera : samsung; model - SM-A310N0 Tags : Photography, Nature, Fruits, Fruits photography, Macro Photography, This Post Was Published On My Steemit Blog . Please, navigate to steemit and cast a free upvote to help me if you like my post. First Time heard about Steemit ? Click Here To Know Everything About Steemit $3 Donation [Fixed] ...

The Real Face Of India - Episode 133

The Real Face Of India - Episode#133 I believe that India is the most beautiful country in the world. In this series I show the real face of beautiful India. Half Dozen Photos of Natural Beauties Snap taken : 21 Mar 2018 Camera : SAMSUNG, Model : SM-A310N0 Other Episodes : Episode#01 , Episode#02 , Episode#03 , Episode#04 , Episode#05 , Episode#06 , Episode#07 , Episode#08 , Episode#09 , Episode#10 , Episode#11 , Episode#12 , Episode#13 , Episode#14 , Episode#15 , Episode#16 , Episode#17 , Episode#18 , Episode#19 , Episode#20 , Episode#21 , Episode#22 , Episode#23 , Episode#24 , Episode#25 , Episode#26 , Episode#27 , Episode#28 , Episode#29 , Episode#30 , Episode#31 , Episode#32 , Episode#33 , Episode#34 , Episode#35 , Episode#36 , Episod...

Newslink: Zimbabwe Unleashes New Dollar-Pegged Currency, Should Switch to Bitcoin Instead

Zimbabwe Unleashes New Dollar-Pegged Currency, Should Switch to Bitcoin Instead image credit Zimbabwe has begun printing bond notes, allegedly pegged to the US dollar, as a means to curb inflation, as other countries turn to Bitcoin. In a resurrection of the African country’s currency not seen in seven years, the central bank is attempting to restart a Zimbabwean national currency, while simultaneously preserving its value from inflation. The new bond notes are pegged to the U.S. dollar, allegedly backed by a $200 million bond facility with Afreximbank, as a safeguard against rapidly losing its value to hyperinflation, as was the case with the nation’s last currency. Read full story on cointelegraph website Tags : Bitcoin, Cryptocurrency, Economics, Money, News, Crypto Markets, This Post Was Published On My Steemit Blog . Please, navigate to steemit and cast a free upvote to help me if you like my post. First Time heard about Steemit ? Click He...

Monkey, Tree & Temple

Just Outside The Dakshineswar Kali Temple Location : Dakshineswar, Kolkata Snap taken : 02 August 2016 Camera : Xiaomi ; model - 2014818 Tags : Photography, Animals photography, Wildlife photography, Building & Architecture, Flowers & Plants photography, Nature, Landscape photography, This Post Was Published On My Steemit Blog . Please, navigate to steemit and cast a free upvote to help me if you like my post. First Time heard about Steemit ? Click Here To Know Everything About Steemit $3 Donation [Fixed] Donate $Any Amount

HOW GOOGLE'S NEW A.I. MICROCHIPS TAKE A PAGE FROM BITCOIN MINERS

Yesterday at Google’s I/O developers conference , CEO Sundar Pichai briefly spoke about a custom-built chip that helps give Google its edge in machine learning and artificial intelligence. The chip, dubbed a TPU or Tensor Processing Unit (in keeping with Google's A.I. platform TensorFlow ), is specifically wrought for running Google’s decision-making algorithms. Most companies like Facebook and Microsoft use GPUs for their machine learning and artificial intelligence.But Pichai’s speech and the accompanying blog post only reveal a few details about TPUs. About the only useful thing we know about the chip is that it’s an ASIC, or application-specific integrated circuit. ASIC chips aren’t bought off the shelves, but designed specifically to do one task very well without using a lot of power. They’re used in applications that never change, like the controlling how a phone battery charges. .............................. [ read full story ] Ta...

One day at the Zoo -Episode #07

Two weeks ago I visited "Alipore Zoological Gardens" in Kolkata which is mostly known as "Alipore Zoo". It was founded in the year of 1875 in British India. And it was established by Edward VII, and then The prince of wales. This zoo is the biggest attraction of the tourists in the "City of Joy". However, the Alipore Zoo has some notable historical value as it's the most old zoological garden in India. The zoo was also famous for the home of "Aldabra giant tortoise". But, in 2006 the tortoise died at the age of almost 250. There are now over 1266 animals of 108 species are living in the Alipore Zoo. And annual visitors of the zoo is about 3 millions. **I captured some photos, but, due to the obstacle of the fence I couldn't take them very clearly. ** To be continued ... Episode #1 , Episode #2 , Episode #3 , Episode#4 , Episode#5 , Episode#6 source of info : Wikipedia Tags : Animals, Animals photography, Ph...

One Black & White Photograph Daily for 30 days - Day #24

an unknown bird singing on my friend's window Camera : SAMSUNG Model : GT-I8262 Location : Bongaon, West Bengal, India Snap Taken : 23 february 2015 Tags : Black & White Photography, Photography, Birds, Birds photography, This Post Was Published On My Steemit Blog . Please, navigate to steemit and cast a free upvote to help me if you like my post. First Time heard about Steemit ? Click Here To Know Everything About Steemit $3 Donation [Fixed] Donate $Any Amount

Search This Blog