Researchers say Yahoo Mail exploit still active, despite claim of being fixed

Posted by admin at Jan 9th, 2013 10:39 under category Knowledge

On Monday, Yahoo told TNW it had plugged a vulnerability in Yahoo Mailthat had resulted in email accounts being compromised after users clicked on a malicious link they received in their inboxes. On Tuesday, the information security training and penetration testing firm Offensive Security said it has discovered the vulnerability is still present.

As we wrote yesterday, the hacker Shahin Ramezany (aka Abysssec) uploaded a YouTube video demonstrating how to compromise a Yahoo account by leveraging a DOM-based XSS vulnerability that is exploitable in all major browsers. Offensive Security...

Read More…

Techstars alum Condition One launches new apps with Ultra HD video, says GoPro 3 support coming soon for consumers

Posted by admin at Jan 9th, 2013 10:38 under category Knowledge

Today, Techstars alum Condition One is announcing its new C1 app for iPhone and iPad that shows off its brand new ‘quad 720′ Ultra HD video technology. They’re also launching live streaming support at full 1080p and will support uploading of users’ own GoPro videos soon.

The player, if you’re unfamiliar, presents you with a gorgeous interactive viewport that allows you to watch video the same way you would if you were looking in on the scene.

Play the video and move your phone or tablet around, as if you were there, watching the action in person. It’s a fresh take on video that seems...

Read More…

Yahoo Mail users hit by widespread hacking, XSS exploit seemingly to blame (Update: Fixed)

Posted by admin at Jan 9th, 2013 10:37 under category Knowledge

Late last night reports started coming in suggesting that Yahoo Mailusers have had their accounts hacked. While “hacked” is a very broad term nowadays, it does appear that Yahoo email accounts are being compromised after users click on a malicious link they receive in their inboxes.

Update: Yahoo says it has plugged the security hole in question but researchers beg to differ, as detailed at the bottom of this article.

A bit of digging shows the attack seems to have been carried out by a lone hacker by the name Shahin Ramezany. He has uploaded a video to YouTube demonstrating how to...

Read More…