Featured Slideshow

http://photos.hackinthebox.org/index.php/2008/KUL/hitb2008kl-conference-day1-day2/HITBSECCONF2008_8155

Pirate Bay cofounder Peter Sunde to run for European Parliament

Thursday, May 16, 2013

Posted by l33tdawg

0 comment(s)

Peter Sunde, one of four cofounders of notorious BitTorrent search site The Pirate Bay, says he plans to run in next year's European Parliament elections, despite his impending incarceration for... read more

http://www.youtube.com/watch?feature=player_embedded&v=dcjViYTDk-A

Password Minder: The blank notebook that got laughed out of production

Thursday, May 16, 2013

Posted by l33tdawg

Security

0 comment(s)

Passwords are a constant headache, a headache that will one day grow so bad that—if infomercials can be believed—your grandmother will pound a table in frustration. How to manage them? Early this... read more

IBM lost contract for bidding too low

Thursday, May 16, 2013

Posted by l33tdawg

IBM, Industry News

0 comment(s)

IBM lost a lucrative government contract because it made a bid for the work which was a bit on the Finn side.While most government contracts automatically go to the lowest bidder, it seems that the... read more

http://en.wikipedia.org/wiki/Siri_%28software%29

Google has 'lapped Siri' with sci-fi-like search

Thursday, May 16, 2013

Posted by l33tdawg

Apple, Google, Technology

0 comment(s)

Google has an image of the future of search, and it's a bit sci-fi.Google developers envision users talking to their computers much like the characters on Star Trek did. Want to know where the... read more

http://www.wired.com/threatlevel/2013/05/google-pharma-whitaker-sting/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+wired%2Findex+%28Wired%3A+Top+Stories%29

Meet the career con man who made a fortune selling illegal pharmaceuticals online

Thursday, May 16, 2013

Posted by l33tdawg

Industry News

0 comment(s)

On February 25, 2009, a then 34-year-old career con man named David Anthony Whitaker left the Wyatt Detention Facility in Central Falls, Rhode Island, and slid into the backseat of an unmarked... read more

Yahoo developer feature can be used to steal user data

Submitted by l33tdawg on Tue, 2012-12-04 09:36

Credit: Wikipedia

Attackers can read emails, contacts and other private data from the accounts of Yahoo users who visit a malicious page by abusing a feature present on Yahoo's Developer Network website, according to an independent security researcher.

A limited version of the attack was presented on Sunday at the DefCamp security conference in Bucharest, Romania, by a Romanian Web application bug hunter named Sergiu Dragos Bogdan.

In his presentation, the researcher showed how the Web-based YQL (Yahoo Query Language) console, available on the developer.yahoo.com website, can be abused by attackers to execute YQL commands on behalf of authenticated Yahoo users who visit malicious websites.

Source:

Tech World

Tags:

Yahoo

Security

Log in or register to post comments
1698 reads

Contact Us

Hack In The Box

36th Floor, Menara Maxis,
Kuala Lumpur City Centre
50088 Kuala Lumpur
Malaysia

Tel: +603-2615-7299
Fax: +603-2615-0088

Featured Slideshow

Pirate Bay cofounder Peter Sunde to run for European Parliament

Password Minder: The blank notebook that got laughed out of production

IBM lost contract for bidding too low

Google has 'lapped Siri' with sci-fi-like search

Meet the career con man who made a fortune selling illegal pharmaceuticals online

Yahoo developer feature can be used to steal user data

You May Also Like

Thursday, May 16th

Wednesday, May 15th

Tuesday, May 14th

Monday, May 13th

Contact Us

Recent comments

Pirate Bay cofounder Peter Sunde to run for European Parliament

Password Minder: The blank notebook that got laughed out of production

IBM lost contract for bidding too low

Google has 'lapped Siri' with sci-fi-like search

Meet the career con man who made a fortune selling illegal pharmaceuticals online

You are here

Yahoo developer feature can be used to steal user data