Security News
According to researchers at the ZeroFOX Alpha Team, the latest version of the group's phishing kit is designed with a number of features that are aimed to steal as much personally identifiable information as possible from users of the popular money-transfer service, including login credentials, geolocation, email address, credit-card information, phone number and more. The researchers were able to intercept traffic between the kit and the C2 server, and gain access to the server panel that 16Shop rents to users.
A researcher has earned over $15,000 from PayPal for reporting a critical vulnerability that could have been exploited by hackers to obtain user email addresses and passwords. Identified while analyzing PayPal's main authentication flow, the issue was related to PayPal placing cross-site request forgery tokens and the user session ID in a JavaScript file, thus making them retrievable by attackers via cross-site script inclusion attacks.
PayPal has overtaken Microsoft to claim the number one ranking for phisher’s favorites for the first time. Netflix was not far behind as the streaming giant moved up to the third spot with a 14.1...
Any Reg readers have a solution? The web payment giant doesn't care A Register reader says that for months he has been dealing with unwanted emails and alerts because a domain he purchased is...
PayPal abruptly announced that it was leaving the Libra Association.
A DNS hijacking campaign that has been ongoing for the past three months is targeting the users of popular online services, including Gmail, PayPal, and Netflix. As part of the campaign, the...
Critics Question Whether Move Is Just 'Marketing Fluff'Facebook is edging closer to launching its own cryptocurrency, with a rollout expected this year, The New York Times reports. But some...
The trojan purports to be a battery optimization app - and then steals up to 1,000 euro from victims' PayPal accounts.
ESET researchers have unearthed a new Android Trojan that tricks users into logging into PayPal, then takes over and mimics the user’s clicks to send money to the attacker’s PayPal address. The...
Popular card readers like Square and PayPal have various flaws that allow attacks ranging from fraud to card data theft.