EV SSL Certificate Becomes Ineffective on PayPal Having XSS Bug
Harry Sintonen, a security investigator based in Finland, has found a XSS (cross-site scripting) flaw on paypal.com that could enable hackers to launch highly deceitful attacks, incorporating their own resource and material into the Website and stealing personal information from its visitors.
The XSS bug becomes even more critical as it dwells on a Web page that uses a widespread validation certificate for SSL (secure sockets layer). This certification leads the address bar on the browser to become green in color, so visitors are assured that the Website and its material are from PayPal.
The flaw was noticed in just a month following PayPal's publication of an approach to deal with phishing on the company's bl...
» SPAMfighter News - 5/27/2008
We are happy to see you are reading our IT Security News.
We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!