Skip to main content

PayPal

PayPal, Lenovo Launch New Campaign to Kill the Password

posted onFebruary 12, 2013
by l33tdawg

A consortium including PayPal and Lenovo, the world’s second-largest PC manufacturer, has launched a set of technology standards that could reduce reliance on passwords, potentially making online accounts more secure.

Under the standards put forward by the FIDO Alliance, the device a person is using to log in to an account would play a more central role in authentication. That would make it impossible to compromise accounts by stealing passwords, as hackers did in order to break into Twitter this month and LinkedIn last year.

PayPal's security works

posted onFebruary 5, 2013
by l33tdawg

Andy Steingruebl wants you to know that he's a glass-half-full kind of guy when it comes to information security.

The reason for this optimism is not strictly rooted in the groundbreaking work that Steingruebl, senior manager of customer and ecosystem security for PayPal, and his team are doing to protect users from today's assortment of internet threats.

Former Anonymous member convicted in attacks against PayPal, MasterCard, Visa and more

posted onDecember 7, 2012
by l33tdawg

A 22-year-old U.K. man was convicted for his involvement in a series of distributed denial-of-service attacks launched by the hacktivist group Anonymous against PayPal, MasterCard, Visa and other companies in 2010.

Christopher Weatherhead, of Northampton, U.K., was convicted Thursday at London's Southwark Crown Court on one count of conspiracy to impair the operation of computers, contrary to the U.K. Criminal Law Act of 1977, the U.K.'s Crown Prosecution Service said in a blog post.

PayPal security holes expose customer card data, personal details

posted onNovember 2, 2012
by l33tdawg

Dangerous website flaws have been discovered in PayPal that grant attackers access to customer credit card data, account balances and purchase histories.

The holes — which still exist — were recently discovered by a security researcher.

One of the holes was publicly disclosed after a failed effort in July to responsibly disclose them under PayPal's bug bounty program. Neil Smith from Texas-based outfit Zing Checkout found that attackers could log into publicly-accessible PayPal administrative sites via authorisation bypass and cross site scripting (XSS) vulnerability.

PayPal UK hiccup held payments for security checks

posted onOctober 1, 2012
by l33tdawg

Technical problems for payments giant PayPal left some U.K. customers left in the lurch while their transactions were left for scrutiny by staff after they were held for additional security checks.

A number of PayPal users were left unable to automatically process payments after their money was sent for review, following changes to the payments system that was meant to ultimately speed up transactions.

PayPal sets down stricter regulations for file-sharing sites

posted onJuly 11, 2012
by l33tdawg

After cutting ties to Wikileaks in 2010, and after this year’s raid against Megaupload, PayPal is now imposing increasingly stringent conditions on various online file-sharing sites. According to TorrentFreak, PayPal has recently changed its terms of service, making requirements for file-sharing and newsgroup services far tighter than before.

PayPal to offer payment for finding security bugs

posted onJune 22, 2012
by l33tdawg

PayPal has joined the likes of Google and Facebook by announcing Thursday that it will begin paying researchers who discover vulnerabilities on its website.

The online money transfer service's CISO, Michael Barrett, said he initially had mixed thoughts about implementing a rewards program, but data has backed up its effectiveness. PayPal will pay for bugs that fall into four categories: cross-site scripting, cross-site request forgery, SQL injection and authentication bypass.

The compensation will be based on severity, but specific criteria was not provided.

Scott Thompson Also Claimed Comp Sci Degree As CTO Of PayPal

posted onMay 4, 2012
by l33tdawg

Yahoo's new CEO, Scott Thompson, is under fire for telling the SEC (and Yahoo's board) that he had a computer science degree from Stonehill College when he does not have one.

Yahoo shareholder Dan Loeb, the hedge fund manager of Third Point who is also in the middle of a proxy war against Yahoo, is leading the charge.