Protect your corporate IT network from hackers and other unwanted intruders with Proxy Sentinel™. Click here for all the details and get the peace of mind you deserve.
Back to our Homepage Proxy Sentinel™ high performance Internet proxy server and secure firewall solution Firewall Sentinel™ secure & powerful Internet firewall solution About Internet and GCIS Frequently Asked Questions on Internet security issues Internet Security Industry News - Stay informed of what's happening Contact Internet today and order your Proxy Sentinel™ or Firewall Sentinel™ server now!

Yahoo fixes security flaw on its Web site


Add to     Digg this story Digg this

October 28, 2008

Yahoo confirms it has repaired an important security hole on its website, a few hours after security firm Netcraft said that the flaw on its site was utilized in stealing users' authentication cookies to gain access to certain Yahoo accounts, such as Yahoo Mail.

According to a post from Netcraft's website, "the attack exploits a cross-site scripting vulnerability on Yahoo's HotJobs site at, which currently allows the attacker to inject obfuscated JavaScript into the affected page. The script then steals the authentication cookies that are sent for the domain and passes them on to a different website in the U.S., where the attacker is harvesting stolen authentication details."

For its part, Yahoo's HotJobs division stated that the cross-site scripting vulnerability found on Oct. 26 was rapidly fixed. "Our team was made aware of this particular Cross-Site Scripting issue yesterday morning (Sunday, Oct. 26) and a fix was deployed within a matter of hours," read the statement. "Yahoo appreciates Netcraft's assistance in identifying this issue."

Having assured its customers that it has successfully repaired the security flaw, Yahoo also suggested further precautions for its users worried about their account security. "As a safety precaution, we recommend customers change their passwords, should they still be concerned. Users should always verify via their Sign-In Seal that they are giving their passwords to, and not to a third party."

"Sign-In Seal" is a secret message or image that users create to protect Yahoo users from phishing attacks. Users are shown the custom text or image when they are on a legitimate Yahoo page, making them quickly aware when they visit a fraudulent site.

The company has also created a website to continually educate users about online security. It is at (

"Security is an industry-wide issue and one that Yahoo treats very seriously," read Yahoo's statement. "Our company considers users' security as a top priority and will continue to take serious action at how to effectively combat malicious behavior and protect its users from any kind of attack."

Add to     Digg this story Digg this

Source: Yahoo.


Save Internet's URL to the list of your favorite web sites in your Web browser by clicking here.

Become an authorized reseller of Proxy Sentinel™ and Firewall Sentinel™. Do like the rest of our authorized resellers and have your clients benefit the important security features of our products and solutions, while increasing your sales at the same time. Click here for all the details.

You can link to the Internet Security web site as much as you like. Read our section on how your company can participate in our reciprocal link exchange program and increase your rankings in the major search engines such as
Google and all the others.

Click here to order your Proxy Sentinel™ Internet security server today!

Proxy Sentinel™ is the most secure Internet proxy server on the market today. Click here for more information.
Site optimized by Pagina+™
Powered by Sun Hosting
Search engine keywords by Rank for Sales
Development platform by My Web Services
Internet is listed in
Global Business Listing

| Home | Proxy Sentinel™ | Firewall Sentinel™ | FAQ | News | Sitemap | Contact |
Copyright © Internet    Terms of use    Privacy agreement    Legal disclaimer