I wish I were joking. Companies, especially large multinational companies, need to be security concious or risk tarnishing their brand, and losing the most important aspect of their company - trust. They also need to keep the risk of lawsuits down to a minimum, in our sue-happy society. Large companies with large userbases are also amongst the most targeted. The problems which lead to security breaches usually lead from overworked staff, or poor roadmapping (meaning bad priorities or timelines which are far too tight to be effective). Overworked staff is a common scenario within large Silicon Valley companies and causes the next issue, along with opens increased risk for social engineering. Poor Roadmapping is more prominent the larger a company gets, and has to flex to maintain legacy and modern systems.
The weakest aspect with any company is the human element, and with the Yahoo, Verizon, and other compromises, the problem boils down to the human element making a critical mistake which to someone who has worked in InfoSec, would've raised a red flag long before the breach occurred. For example, a human making an error in an AWS zone while staging customer data to a test environment, which led to the recent Verizon data leak. Or Yahoo not having two factor authentication until about 2014 IIRC (yet they still beat so many companies to the punch somehow). I can't speak on behalf of Yahoo, Verizon, or any other major company who has experienced a compromise, but there are plenty of non-journalistic case studies out there of what I'm talking about.
In the OP's case, we should be receiving more reports of malicious links across Yahoo's site if they were truly compromised. It is highly unlikely that Yahoo is serving just ONE person malicious links. If it's spread to Yahoo Mail as well, but yet the forums continue to not see further reports, it is highly unlikely that the problem is with Yahoo. Myself and others use Yahoo on a daily basis and should have seen this by now. There should be more reports if there are compromises. OP needs to check their machine, and if they can't find an issue, nuke it and start from a clean environment. If the problem is still occurring after that, they need to investigate their home network, consider reflashing the firmware on their router and factory resetting it since those things are infectable (although that is rare).
Ha ha I was referring to your statement of: "Yahoo and Verizon are both security conscious companies."
They are notorious for breaches. Security leaks, weak privacy rules, and with the Yahoo and AOL debacle (which had even more) when you replied as you did I presumed you were making a joke.
@Smith6612 wrote:In the OP's case, we should be receiving more reports of malicious links across Yahoo's site if they were truly compromised. It is highly unlikely that Yahoo is serving just ONE person malicious links. If it's spread to Yahoo Mail as well, but yet the forums continue to not see further reports, it is highly unlikely that the problem is with Yahoo. Myself and others use Yahoo on a daily basis and should have seen this by now. There should be more reports if there are compromises. OP needs to check their machine, and if they can't find an issue, nuke it and start from a clean environment. If the problem is still occurring after that, they need to investigate their home network, consider reflashing the firmware on their router and factory resetting it since those things are infectable (although that is rare).
I am using firefox 50.0 on osx10.9.5 and I believed its a targeted hack. I think if you tested on firefox you would see the malware hack on yahoo.com. It is a security hole in yahoo's ads network that they allow malware to be placed. I have never had this happen on any other website.
I and my wife use Firefox on yahoo (albeit not on Mac) all the time.
Have yet to see an issue.
You're using both an outdated version of the Firefox browser, and an outdated and insecure version of macOS with more than one set of nasty vulnerabilities - including some low level firmware vulnerabilities Apple patched and included in newer versions of the OS.
Please install macOS Sierra (10.12.6) from the App Store, and then upgrade your version of Firefox to the latest, which is v54.0.1 as of this post.
Here's Firefox running on a Windows system which isn't exhibiting the problem.
If the problem is due to bad advertising on Yahoo, please let them know. Use the Contact link they provide here: https://help.yahoo.com/kb/account . If you're able to catch the ad, there's a small "AdChoices" button which should appear at the corner of the ad. Mouse over this and you'll be able to click an option to report abuse / a problem with the ad.
Please update your Mac's OS, and your copy of Firefox and report back. Also run your Mac through a copy of MalwareBytes, just to be completely sure that this isn't a problem with the machine. https://www.malwarebytes.com/mac/
Start a new topic or ask questions in the open forum.
