Inside the Briefcase

IT Briefcase Exclusive Interview: The Tipping Point – When Things Changed for Cloud Computing

IT Briefcase Exclusive Interview: The Tipping Point – When Things Changed for Cloud Computing

with Shawn Moore, Solodev
In this interview, Shawn Moore,...

Driving Better Outcomes through Workforce Analytics Webcast

Driving Better Outcomes through Workforce Analytics Webcast

Find out what’s really going on in your business...

Legacy Modernization: Look to the Cloud and Open Systems

Legacy Modernization: Look to the Cloud and Open Systems

On the surface, mainframe architecture seems relatively simple: A...

Still keeping your hybrid power systems indoors?  It’s time for change.

Still keeping your hybrid power systems indoors? It’s time for change.

Mobile telecommunications network equipment is expected to work without...

As the Network Changes, Engineers Are Embracing the DevOps Model

As the Network Changes, Engineers Are Embracing the DevOps Model

Businesses that have embraced digital transformation with a clear...

Firm Finds Gaping Holes in Mobile Payments Applications

November 4, 2010 No Comments

eBay’s PayPal online payment division is rushing a software patch to users of its iPhone mobile payments application to plug a hole that leaves users vulnerable to man-in-the-middle and phishing attacks, but the firm that found that hole said transaction security is just one problem facing the mobile payments application.

An audit by Chicago firm ViaForensics discovered serious security holes in the PayPal mobile payment application for Apple’s iPhone. Flaws that could allow attackers to set up a phony PayPal phishing site and snoop user credentials was the most critical, but the application also fell short in protecting user login and potentially sensitive application data, according to ViaForensics co-founder, Andrew Hoog.

PayPal did not immediately respond to a request for comment from Threatpost. In published reports, the company acknowledged the hole and said it had sent an update out Tuesday night. The company said it would reimburse customers for any fraudulent activity related to an attack on the iPhone application.

Read More

Blogs, Featured Blogs

Leave a Reply

(required)

(required)


ADVERTISEMENT

UC Expo

WITI

ITBriefcase Comparison Report