eBay Has Cross Site Forgery Flaw

eBay is working on a fix for a cross-site request forgery problem that could allow an attacker to change a user’s password and get access to that user’s account. Read the full article. [eWEEK]

eBay is working on a fix for a cross-site request forgery problem that could allow an attacker to change a user’s password and get access to that user’s account. Read the full article. [eWEEK]

Suggested articles

70 eBay Phishing Suspects Arrested

Romanian police have arrested 70 suspected cybercrooks, thought to be
members of three gangs which allegedly used compromised eBay accounts
to run scams. Read the full article. [The Register]

Trojan Watch: Fake eBay Security Email

A new blended email threat appears to be a security alert from
eBay, said researchers. The email message with the subject line “eBay Procedural Warning
– Security Alert,” is addressed to “Dear eBay Member,” and warns
recipients that the sender has “detected security issues on behalf of
your account.” Read the full article. [Help Net Security]