The eBay owned popular digital payment and money transfer service, PayPal has been found to be vulnerable to a critical web application vulnerability that could allow an attacker to take control over users' PayPal account with just a click, affecting more than 156 millions PayPal users.
An Egyptian security researcher has discovered three critical vulnerabilities in PayPal website, which could be used by cybercriminals in the targeted attacks. PayPal uses security Auth tokens for detecting the legitimate requests from the account holder, but expert successfully bypassed it to generate exploit code for targeted attacks.Read more
Not all accounts are created equal. It’s only natural that you would care less about an ESPN Fantasy Football account than you would care about your online banking or PayPal account.
Anyone who spends even a little time thinking about security is careful to use a strong password and proceed with caution when accessing a service related to personal finance. However, a lot of users are also relatively careless about their primary webmail account, which often serves as a master key to all other accounts. Think about it: whenever you set up nearly any online account, you’re prompted to enter a primary webmail account. There are a number of reasons for this.Read more
The Romanian hacker showed to the team on safety of PayPal the way of scam operation, using three separate accounts.
Convicted NASA hacker Razvan Cernaianu, better known by his handle TinKode, has disclosed a loophole that takes advantage of PayPal’s Terms of Service (TOS) and could allow scammers to pilfer funds by way of the company’s chargeback function. Cernaianu says the scam can be accomplished with three PayPal accounts – the first as a legitimate buyer verified with a personal card, the second used as a seller, and the third as a “mule” account – the last two using virtual credit cards.Read more