Single step authentication on Galaxy S5 leaves PayPal accounts open to abuse say German researchers.
PayPal was left fighting a rear-guard action last night after it emerged the fingerprint scanner seen on the Samsung Galaxy 5 smartphone can easily be bypassed.
Germany's Security Research Labs says the spoofing system allows access to a user's PayPal account, which is an important issue since a key feature of the scanner is one-step access to the PayPal money payment system - effectively replacing the user's ID and password with a fingerprint swipe.
Thirteen people recently pled guilty to charges related to their involvement in DDoS attacks against PayPal in December 2010. The attacks were launched in response to PayPal's refusal to accept donations for WikiLeaks (h/t The Register).
The 13 are Christopher Wayne Cooper, Joshua John Covelli, Keith Wilson Downey, Mercedes Renee Haefer, Donald Husband, Vincent Charles Kershaw, Ethan Miles, James C. Murphy, Drew Alan Phillips, Jeffrey Puglisi, Daniel Sullivan, Tracy Ann Valenzuela and Christopher Quang Vo.
Thirteen people have pleaded guilty to charges they were involved in a 2010 cyberattack on PayPal for the eBay unit's refusal to process payments for WikiLeaks.
The hacktivist collective claimed responsibility for engineering the December 2010 distributed-denial-of-service attack in retaliation for the online payment processing company's suspension of an account linked to WikiLeaks after the document-leaking organization released a large number of classified documents.
In the hacking world, it takes one to know one. For many corporations, the best defense against hackers is to actually hire a hacker and pay him or her to break into their sites or databases and expose weaknesses in a benign manner. There aren’t that many “white hat” hackers out there, and one of the most in-demand of these hackers is Israeli Shai Rod.
Now, add another feather to Rod’s cap. He was named one of the top ten hackers who have helped PayPal make its site more secure, with his name tacked onto PayPal’s virtual Wall of Fame.
A 17-year-old German student contends PayPal has denied him a reward for finding a vulnerability in its website.
Robert Kugler said he notified PayPal of the vulnerability on May 19. He said he was informed by email that because he is under 18 years old, he did not qualify for its Bug Bounty Program. He will turn 18 next March.