Blog

19Jan 2024 by

Canadian Man Stuck in Triangle of E-Commerce Fraud (Krebs on Security)

Actualités, Sécurité
A Canadian man who says he’s been falsely charged with orchestrating a complex e-commerce scam is seeking to clear his name. His case appears to involve “triangulation fraud,” which occurs when a consumer purchases something online — from a seller on Amazon or eBay, for example — but the seller doesn’t actually own the item for sale. Instead, the seller purchases the item from an online retailer using stolen payment card data. In this scam, the unwitting buyer pays the scammer and receives what they ordered, and very often the only party left to dispute the transaction is the owner of the stolen payment card. Triangulation fraud. Image: eBay Enterprise. Timothy Barker, 56, was until recently a Band Manager at Duncan’s First Nation, a First Nation in northwestern Alberta, Canada.…
Read More
19Jan 2024 by

Canadian Man Stuck in Triangle of E-Commerce Fraud

Actualités
A Canadian man who says he’s been falsely charged with orchestrating a complex e-commerce scam is seeking to clear his name. His case appears to involve “triangulation fraud,” which occurs when a consumer purchases something online — from a seller on Amazon or eBay, for example — but the seller doesn’t actually own the item for sale. Instead, the seller purchases the item from an online retailer using stolen payment card data. In this scam, the unwitting buyer pays the scammer and receives what they ordered, and very often the only party left to dispute the transaction is the owner of the stolen payment card. Triangulation fraud. Image: eBay Enterprise. Timothy Barker, 56, was until recently a Band Manager at Duncan’s First Nation, a First Nation in northwestern Alberta, Canada.…
Read More
19Jan 2024 by

Experts Warn of macOS Backdoor Hidden in Pirated Versions of Popular Software

Actualités
Pirated applications targeting Apple macOS users have been observed containing a backdoor capable of granting attackers remote control to infected machines. "These applications are being hosted on Chinese pirating websites in order to gain victims," Jamf Threat Labs researchers Ferdous Saljooki and Jaron Bradley said. "Once detonated, the malware will download and execute multiple payloads
Read More
19Jan 2024 by

Preventing Data Loss: Backup and Recovery Strategies for Exchange Server Administrators

Actualités
In the current digital landscape, data has emerged as a crucial asset for organizations, akin to currency. It’s the lifeblood of any organization in today's interconnected and digital world. Thus, safeguarding the data is of paramount importance. Its importance is magnified in on-premises Exchange Server environments where vital business communication and emails are stored and managed.  In
Read More
19Jan 2024 by

Npm Trojan Bypasses UAC, Installs AnyDesk with « Oscompatible » Package

Actualités
A malicious package uploaded to the npm registry has been found deploying a sophisticated remote access trojan on compromised Windows machines. The package, named "oscompatible," was published on January 9, 2024, attracting a total of 380 downloads before it was taken down. oscompatible included a "few strange binaries," according to software supply chain security firm Phylum, including a single
Read More
19Jan 2024 by

U.S. Cybersecurity Agency Warns of Actively Exploited Ivanti EPMM Vulnerability

Actualités
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a now-patched critical flaw impacting Ivanti Endpoint Manager Mobile (EPMM) and MobileIron Core to its Known Exploited Vulnerabilities (KEV) catalog, stating it's being actively exploited in the wild. The vulnerability in question is CVE-2023-35082 (CVSS score: 9.8), an authentication bypass
Read More