|
|
Researcher exposes gap in PayPal security | | 2008/05/19 | | A Finnish researcher has exposed a gap in PayPal payment system, with potential attackers able to create spoof pages stealing the authentication details of users.
Harry Sintonen managed to work his own code into a PayPal page giving him access to the account details and even cookies of users.
The payment service had recently introduced a green address bar with intention of reassuring those using the system to pay for goods that their transaction is secure.
A PayPal spokesman commented: "At PayPal, we take safety and security very seriously. As soon as we were informed of this exploit, we began working very quickly to shut it down.
"To our knowledge, this exploit was not used in any phishing attacks".
The company reminded customers to report any instance in which they believe financial or personal information is being compromised.
PayPal is continuing its policy of fully reimbursing customers whose transactions are subject to an unauthorised withdrawal on their behalf.
 |
ALL RELATED ARTICLESAll Web Site & Server Security news
| | | RECENT RELATED ARTICLES | | Security monitoring technology 'seems to be improving' - 2010/06/29 When it comes to security monitoring, the technology that is available to businesses appears to be improving, an expert suggests. ... | | | | Cyber criminals 'often targeting social network accounts' - 2010/06/18 By revealing personal information, social networking website users might end up compromising their online security, it has been suggested, which may be of interest to those considering the ... | | | | Hackers 'targeted CHB website last weekend' - 2010/06/08 Hackers recently targeted the website of one housing board based in India, it has been reported, which may interest firms considering the use of | | | | Hackers target St Lawrence county website - 2010/06/04 Hackers have recently targeted a St Lawrence county website, it has been revealed, in a development which may interest those considering the adoption of | | | | 'Ethical' hacker flagging up website security issues - 2010/06/02 An 'ethical' hacker has revealed how he exposes businesses' IT security problems in order to highlight where they can make improvements, in a development which might interest those ... | | |
|
|
|
