|
|
Researcher exposes gap in PayPal security | | 2008/05/19 | | A Finnish researcher has exposed a gap in PayPal payment system, with potential attackers able to create spoof pages stealing the authentication details of users.
Harry Sintonen managed to work his own code into a PayPal page giving him access to the account details and even cookies of users.
The payment service had recently introduced a green address bar with intention of reassuring those using the system to pay for goods that their transaction is secure.
A PayPal spokesman commented: "At PayPal, we take safety and security very seriously. As soon as we were informed of this exploit, we began working very quickly to shut it down.
"To our knowledge, this exploit was not used in any phishing attacks".
The company reminded customers to report any instance in which they believe financial or personal information is being compromised.
PayPal is continuing its policy of fully reimbursing customers whose transactions are subject to an unauthorised withdrawal on their behalf.
 |
ALL RELATED ARTICLESAll Web Site & Server Security news
| | | RECENT RELATED ARTICLES | | Microsoft releases IE fix - 2008/12/18 Microsoft has released a patch to fix a vulnerability in Internet Explorer (IE) which has caused problems for more than two million users. ... | | | | Credit crunch 'will affect security' - 2008/11/27 Businesses' IT security will be affected by the credit crunch, an expert has claimed. ... | | | | Trojan virus steals on an unprecedented scale - 2008/11/04 A new Trojan virus has stolen data from half a million bank records, according to a leading internet security firm. ... | | | | Virgin Media suffer email 'spam attack' - 2008/10/14 Thousands of Virgin Media customers have been virtually cut off from their email accounts for up to four days, it has been reported.
A mass spamming attack rendered as many as ... | | | | FBI begins hunt for European retail hackers - 2008/10/07 The US Federal Bureau of Investigations (FBI) has gone on the hunt for two Europe-based hackers who have made several attacks against online retailers, it has emerged. ... | | |
|
|
|
