
All PayPal Accounts Were One Click Away from Hijacking

This is both absolutely disturbing and quite encouraging at the same time. This type of session-riding flaw is scary, and one wonders why it was not caught earlier. That said, it is great to see organizations like PayPal reaching out to the community and using bounty programs to discover bugs and solve security problems. We (the IT Security Community) are all in this together.

