Yahoo Jobs Site Used in Phishing Attack
According to a British network service firm, someone has been taking advantage of a vulnerability in Yahoo's HotJobs site that allows an attacker access to a Yahoo member's mail and other personal accounts.
According to a British network service firm, someone has been taking advantage of a vulnerability in Yahoo's HotJobs site that allows an attacker access to a Yahoo member's mail and other personal accounts.
"The script steals the authentication cookies that are sent for the yahoo.com domain and passes them to a different website in the United States, where the attacker is harvesting stolen authentication details," NetCraft said Monday. "Netcraft has informed Yahoo of the latest attack, although at the time of writing, the HotJobs vulnerability and the attacker's cookie harvesting script are both still present."
