Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

×
Security

+ - Cookie-stealing Yahoo.com Exploit on Sale for $700->

Submitted by tsu doh nimh
tsu doh nimh (609154) writes "A zero-day vulnerability in yahoo.com that lets attackers hijack Yahoo! email accounts and redirect users to malicious Web sites offers a fascinating glimpse into the underground market for large-scale exploits. Krebsonsecurity.com writes that the exploit, being sold for $700 by an Egyptian hacker on an exclusive cybercrime forum, targets a “cross-site scripting” (XSS) weakness in yahoo.com that lets attackers steal cookies from Yahoo! Webmail users. Such a flaw would let attackers send or read email from the victim’s account."
Link to Original Source
This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

Cookie-stealing Yahoo.com Exploit on Sale for $700

Comments Filter:

Old programmers never die, they just branch to a new address.

Working...