SafeUM
Home Blog Services Download Help About Recharge

Axarhöfði 14, 110 Reykjavik, Iceland

Iceland - 2015
SafeUM
Blog
Services
Download
Help
About
Recharge
Menu
Archive
#ebay
4 Feb 2016

eBay has no plans to fix severe bug

eBay has no plans to fix a "severe" vulnerability that allows attackers to use the company's trusted website to distribute malicious code and phishing pages, researchers from security firm Check Point Software said.

The vulnerability allows attackers to bypass a key restriction that prevents user posts from hosting JavaScript code that gets executed on end-user devices. eBay has long enforced the limitation to prevent scammers from creating auction pages that execute dangerous code or content when they're viewed by unsuspecting users. Using a highly specialized coding technique, hackers can work around this safeguard.

Read more
Tags:
eBay information leaks
Source:
Ars Technica
1868
14 Jan 2016

XSS flaw exposed eBay users to phishing attacks

A reflected cross-site scripting vulnerability on eBay’s website could have been exploited by malicious actors for phishing attacks, a researcher has demonstrated. The flaw was identified in December by a researcher who uses the online moniker “MLT.”

The expert complained that eBay had not responded to his report for a month, and the e-commerce giant only patched the issue after being contacted by the media. XSS vulnerabilities are highly common, but that doesn’t make them any less dangerous. A blog post and proof-of-concept video show how an attacker could have exploited the weakness to launch phishing attacks.

Read more
Tags:
information leaks eBay
Source:
SecurityWeek
1942
27 Apr 2015

This security flaw puts online shoppers' data at risk

Criminals are exploiting a vulnerability in about 87,000 e-commerce websites that puts information including customers' stored credit-card data at risk. The online shopping websites were susceptible to a chain of weaknesses on the platform Magento.

Cybercriminals who exploit the security holes could take complete control of the website with pretty much a single request. For all the credit cards that are stored in the system, the attackers are going to have access to that. Through the security flaw, criminals can access databases with customers' personal information, or inject nasty code into the website so it infects users with malware.

Read more
Tags:
eBay information leaks
Source:
Morningstar
2102
4 Dec 2014

Hacking PayPal account with just a click

The eBay owned popular digital payment and money transfer service, PayPal has been found to be vulnerable to a critical web application vulnerability that could allow an attacker to take control over users' PayPal account with just a click, affecting more than 156 millions PayPal users.

An Egyptian security researcher has discovered three critical vulnerabilities in PayPal website, which could be used by cybercriminals in the targeted attacks. PayPal uses security Auth tokens for detecting the legitimate requests from the account holder, but expert successfully bypassed it to generate exploit code for targeted attacks.

Read more
Tags:
PayPal information leaks CSRF eBay
Source:
VentureBeat
2588
21 May 2014

Massive eBay hack attack prompts password change warning

Online auction site eBay has advised its clients to change their passwords after a cyber-attack allowed hackers to gain access to one of its databases. Information stolen included personal details of “a large number of accounts.”

The California-based company has been asking its users “to change their passwords because of a cyber-attack that compromised a database containing encrypted passwords and other non-financial data,” according to a statement released on the company website. “For the time being, we cannot comment on the specific number of accounts impacted. However, we believe there may be a large number of accounts involved and we are asking all eBay users to change their passwords,” spokeswoman Kari Ramirez told.

Read more
Tags:
data protection eBay hackers
Source:
Russia Today
2255
SafeUM NEWS
27 Apr 2017 safeum news imgage Encrypted Group Chat
4 Apr 2017 safeum news imgage Each SafeUM user gets free anonymous phone number
10 Mar 2017 safeum news imgage SafeUM useful features to help you feel safe
28 Sep 2016 safeum news imgage Secure Messenger SafeUM
21 Jul 2015 safeum news imgage New secured zone of Google Play: secure messenger SafeUM for Android. Download, Install, Communicate
3 Apr 2015 safeum news imgage We are beginning to test SafeUM for Windows Phone
25 Feb 2015 safeum news imgage SafeUM messenger is available for public testing
20 Feb 2015 safeum news imgage Algorithms and encryption schemes used for secure messenger SafeUM
30 Jan 2015 safeum news imgage New "TOP Security!" app is on the App Store
22 Jan 2015 safeum news imgage Free "TOP Security!" app is available on Google Play
28 Oct 2014 safeum news imgage How are security keys generated in SafeUM?
19 Jun 2014 safeum news imgage SafeUM is the best messenger for data protection and information security
16 Jun 2014 safeum news imgage Become a SafeUM tester and get free PREMIUM subscription for a year
12 May 2014 safeum news imgage Why Premium secure messenger SafeUM cannot be free
25 Apr 2014 safeum news imgage Encrypted secure messaging for every mobile device
All news
SafeUM
Confidential Terms of Use Our technologies Company
Follow us
Download
SafeUM © Safe Universal Messenger

Axarhöfði 14,
110 Reykjavik, Iceland

Iceland - 2015