Inside the Briefcase

Ironclad SaaS Security for Cloud-Forward Enterprises

Ironclad SaaS Security for Cloud-Forward Enterprises

The 2015 Anthem data breach was the result of...

The Key Benefits of Using Social Media for Business

The Key Benefits of Using Social Media for Business

Worldwide, there are more than 2.6 billion social media...

Gartner IT Sourcing, Procurement, Vendor and Asset Management Summit 2018, September 5 – 7, in Orlando, FL

Gartner IT Sourcing, Procurement, Vendor and Asset Management Summit 2018, September 5 – 7, in Orlando, FL

Register with code GARTITB and save $350 off the...

Infographic: The Three Pillars of Digital Identity: Trust, Consent, Knowledge

Infographic: The Three Pillars of Digital Identity: Trust, Consent, Knowledge

8,434 adults were surveyed to gauge consumer awareness of...

FICO Scales with Oracle Cloud

FICO Scales with Oracle Cloud

Doug Clare, Vice President at FICO, describes how Oracle...

Firm Finds Gaping Holes in Mobile Payments Applications

November 4, 2010 No Comments

eBay’s PayPal online payment division is rushing a software patch to users of its iPhone mobile payments application to plug a hole that leaves users vulnerable to man-in-the-middle and phishing attacks, but the firm that found that hole said transaction security is just one problem facing the mobile payments application.

An audit by Chicago firm ViaForensics discovered serious security holes in the PayPal mobile payment application for Apple’s iPhone. Flaws that could allow attackers to set up a phony PayPal phishing site and snoop user credentials was the most critical, but the application also fell short in protecting user login and potentially sensitive application data, according to ViaForensics co-founder, Andrew Hoog.

PayPal did not immediately respond to a request for comment from Threatpost. In published reports, the company acknowledged the hole and said it had sent an update out Tuesday night. The company said it would reimburse customers for any fraudulent activity related to an attack on the iPhone application.

Read More

Blogs, Featured Blogs

Leave a Reply

(required)

(required)


ADVERTISEMENT

Gartner