Pierluigi Paganini January 12, 2016
A XSS may have exposed users of the eBay website to phishing attacks

A security researchers reported a Cross-Site Scripting (XSS) vulnerability that may have exposed users of the eBay website to phishing attacks. An independent security researcher, using the nickname MLT, reported last month a simple flaw affecting the eBay website exposed its customers to phishing attacks. An attacker can exploit the vulnerability to host a bogus phishing page on the eBay website attempting […]

Pierluigi Paganini May 23, 2015
eBay promptly fixed a reflected file download vulnerability

EBay has recently fixed a reflected file download vulnerability discovered by the security researcher David Sopas at WebSegura. Ebay is among the web services most targeted by cyber criminals and phishers, over the years, security experts have spotted an impressive amount of attack exploiting techniques more or less sophisticated. Almost every attack relies on social engineering, attackers […]

Pierluigi Paganini September 22, 2014
POC – Hacking any eBay Account

THN disclosed details of a critical flaw discovered by the Egyptian researcher ‘Yasser H. Ali’ four months ago, which could be used to hack any eBay account. The Egyptian security researcher ‘Yasser H. Ali’ four months ago reported to the team of the The Hacker News portal a critical vulnerability in eBay system which could be used by […]

Pierluigi Paganini August 06, 2014
Security flaw allows to bypass PayPal two-factor authentication

A Security researcher has discovered a new flaw in the two-factor authentication process implemented by PayPal to protect its users. Security researcher Joshua Rogers has discovered a simple way of bypassing the two-factor authentication mechanism implemented by PayPal to protect accounts that are linked to eBay accounts. The flaw resides in the login process when a user is prompted […]

Pierluigi Paganini May 24, 2014
A new series of critical eBay vulnerabilities still menaces 145M users

Security experts have discovered three new critical eBay vulnerabilities, the privacy and data of more than 145 million users is still at risk. Just a few days after the disclosure of a major data breach at eBay, in the Internet is circulating the news of three new critical eBay vulnerabilities in the company website. eBay admitted […]

Pierluigi Paganini May 21, 2014
eBay database compromised, change your password now

The giant eBay suffered a serious data breach which exposed data in its database. Customer information, including personal data and password were violated. The Giant Ebay is victim of data breach, during a cyber attack the hackers violated company database accessing to personal data and user credentials. In response to the incident the company is notifying its customers […]

Pierluigi Paganini February 14, 2014
The Syrian Electronic Army hacked Forbes

The Syrian Electronic Army has hacked Forbes WordPress CMS and has hijacked Twitter accounts belonging to the media agency. Who will be the next one? Forbes is the new victim of the popular group of hackers Syrian Electronic Army (SEA), the popular group pro Syrian President Assad. The hackers took responsibility for a coordinated attack against multiple […]

Pierluigi Paganini February 06, 2014
Syrian Electronic Army hacks into Facebook’s domain

The Syrian Electronic Army claimed Wednesday that it managed to hack into Facebook violating an administrator account of the Facebook’s Domain Registrar. Syrian Electronic Army hit again, 2014 has started with the exploits of the popular group hackers that hit the giants of IT industry. Microsoft, PayPal, Ebay and also the CNN were hacked in the […]

Pierluigi Paganini February 02, 2014
Syrian Electronic Army hacked Ebay and Paypal websites

  Ebay and PayPal hacked by Syrian Electronic Army, “For denying Syrian citizens the ability to purchase online products” said SEA. The group of hackers Syrian Electronic Army (SEA) has monopolized the attention of the media, the hacking team has practically hit every possible target within government organizations, big enterprises and media agencies. The list of […]

Pierluigi Paganini December 29, 2013
eBay XSRF flaw allows attacker to make unauthorized purchases

EBay website is vulnerable to XSRF (Cross-site request forgery) attack that would allow an attacker to hijack an account and make unauthorized purchases. A new flaw has been discovered in the official EBay website, the vulnerability allows an attacker to hijack an account and make unauthorized purchases from the victim’s account. The flaw is not […]