Description: Hosted payment gateways may offer an instant PCI compliance option for enterprises of any size. These solutions usually concede flow control between the merchant website and payment gateway to the end user's browser. This is a flawed design and leaves the merchant account highly exposed. In addition to traditional price manipulation and replay attacks, it can allow an attacker to hijack their API access. Once the account has been hijacked, the attacker can bypass payment forge payment received notifications or even issue refunds. In this presentation, I will demonstrate how using GPU clusters and cloud computing can allow an attacker to hijack merchant accounts in a short timeframe.
For More Information please visit : - https://www.blackhat.com/
Tags:
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.