How Yahoo allowed hackers to hijack my neighbor’s e-mail account

Image: Reflected XSS vulnerabilities in action (Aspect Security)

When my neighbor called early Wednesday morning, she sounded close to tears. Her Yahoo Mail account had been hijacked and used to send spam to addresses in her contact list. Restrictions had then been placed on her account that prevented her from e-mailing her friends to let them know what happened.

In a blog post published hours before my neighbor’s call, researchers from security firm Bitdefender said that the hacking campaign that targeted my neighbor’s account had been active for about a month. Even more remarkable, the researchers said the underlying hack worked because Yahoo’s developer blog runs on a version of the WordPress content management system that contained a vulnerability developers addressed more than eight months ago. My neighbor’s only mistake, it seems, was clicking on a link while logged in to her Yahoo account.

As someone who received one of the spam e-mails from her compromised account, I know how easy it is to click such links. The subject line of my neighbor’s e-mail mentioned me by name, even though my name isn’t in my address. Over the past few months, she and I regularly sent messages to each other that contained nothing more than a Web address, so I thought nothing of opening the link contained in Wednesday’s e-mail. The page that opened looked harmless enough. It appeared to be an advertorial post on MSNBC.com about working from home, which is something I do all the time. But behind the scenes, according to Bitdefender, something much more nefarious was at work.


Is Dell looking to kill PCs with “Project Ophelia”?

Image: Dell’s Project Ophelia: an Android-based thin client that you can put in your pocket for around $50, eventually. (Dell)

Dell is reportedly investigating a move to take the company private in a leveraged buy-out to clear the decks for a radical repositioning of the company. And according to a report from Atlantic Media’s Quartz, that includes relaunching Dell’s desktop and mobile business around a brand-new product: a computing device the size of a thumb-drive that will sell for about $50.

Dell announced its pocket client PC, called “project Ophelia,” on January 8, and demonstrated it at CES. Developed by Dell’s Wyse unit, Ophelia uses a Mobile High-Definition Link (MHL) to draw power to boot from an HDTV display, or it can be powered off a USB port. It has integrated Bluetooth and Wi-Fi capability for connecting to a keyboard, a mouse, and the network, and it runs the Android 4.1 (Jelly Bean) operating system with all of the functionality of a tablet. It can also be used to power virtual instances of other desktop operating systems on a remote server or in the cloud.

In other words, it’s a fusion of Wyse’s thin client technology modeled after the capabilities of a Google Chromebook—except it can be carried in a pocket. The main drawbacks are that few HDTVs currently support MHL—though such support can be found in a number of Dell flat-panel displays.
