The Last HITB Security Conference in Malaysia

Hands-on Technical Trainings - 13th & 14th October

Triple-Track Conference - 15th & 16th October


Capture the Flag - 15th & 16th October

HackWEEKDAY - 15th & 16th October

CommSec Village - 15th & 16th October


Hacker nabs Yahoo! site backups

A penetration tester has reportedly hacked Yahoo!, claiming to have gained access to website backup and database files for a dozen databases.

The hacker using the handle Virus_Hima published screenshots that showed the purported site backups for a Yahoo! finance subdomain.

The hacker claimed to have accessed the databases via a reflected cross site scripting vulnerability which he told SC was fixed by Yahoo!. He also said he discovered a SQL Injection hole. Virus_Hima disclosed the flaws alleging that Yahoo! had ignored his vulnerability disclosure email.