Tuesday, 18 November 2014

Yahoo says ShellShock vulnerability isn't the reason for the servers hack

Leave a Comment

Researcher eating apple Hall says he found proof that Romanian hackers used the recent "ShellShock" vulnerability to hack variety of position websites as well as Yahoo, WinZip. 
Hall aforesaid he well-read Yahoo, WinZip and Federal Bureau of Investigation concerning the problem.

Yahoo earlier these days aforesaid their servers were compromised by the ShellShock vulnerability.  But, Yahoo's Chief data Security Officer Alex Stamos printed a press release in Ysecurity that the breach isn't a results of 'Shell Shock'.

"Three of our Sports API servers had malicious code dead on them this weekend by attackers searching for vulnerable Shellshock hosts. inches Stamos wrote.

"These attackers had mutated their exploit, [and] this mutation happened to precisely work a command injection bug in a very observance script our Sports team was victimization at that moment to dissect and right their internet logs."

The company claimed hackers failed to gain access to any user knowledge and also the affected servers square measure accustomed give live streaming for its sports service that do not store user knowledge.

Throughout reaction, Hallway aforesaid inside his diary "The. Yahoo! infiltration WAS from the 'Shellshock' vulnerability, and it failed to originate on the sports servers / API’s.

Hacking News


Post a comment