​​​G R A F F I T I 

M.O.S.T. does not care about persons who paint graffiti on a sanctioned wall with the owner's permission. However, we detest cowards who paint property without consent. That changes the classification from art to vandalism. However, the vandals will still try to justify what they do by claiming it's free expression. They often try to vilify those who oppose them by labeling them oppressors of that free expression. Meanwhile, those same vandals cause hundreds of dollars in damage, drive a businesses customers away and lower property values.
 
We often ask if a graffiti goon would still call it "art" if it was their property being defaced without permission.

Graffiti can also have a more serious meaning due to being gang related. Gangs can use graffiti to mark territory, advertise drug sales, mourn deceased members, announce alliances and issue threats. All the more reason to report and remove it immediately.

If you see tagging in progress dial 9 1 1

For recent graffiti in Orlando report it to (407) 254-GRAF (4723) or click HERE

Reducing Your Risk For a Vehicle Burglary 
By: M.O.S.T. Field Team


Be aware of your surroundings.


If you feel uneasy parking in a certain spot due to environment or bystanders, don’t park there. 


Lock doors. Roll up windows. Use alarm and yes, even the Club.


Use a sunshade, even at night. Crooks prefer to see inside before a break in to assess contents and your security. Deprive them of that!


Ladies, crooks watch restaurant and other lots. If they don’t see you walking in with a strap on your shoulder, they know it means you left your purse in the car. They may have even seen you put it in the trunk. If you plan to do that, do it off-property. 


Use parking spots that are well lit and well traveled. A well lit spot in a remote area of the lot is less favorable than a partially lit area close to the door. If possible, park under a camera. Remember that you may enter a place in daylight and exit at night. Break-ins also happen in broad daylight. Don’t let the sun lull you into a false sense of security.


If dining, ask for a seat with a window view of your vehicle. Not romantic, but neither is cleaning broken glass off of the passenger seat.


The glow of the G.P.S. in your unattended car says “Steal Me” to crooks. Secure all valuables. To you, it's just a cell phone holster, but a crook may think it's the actual phone.

Remove/secure prescription meds. To you, it's digestive medicine. To a crook, it could be a pain medicine.


Tipping a lot attendant or bouncer may help to put extra eyes on your car. 


Never leave a gun unlocked in the vehicle. Tucked under the front seat or put into an unlocked glove box is not secure.


Be united. Keep an eye on suspicious activity around other cars. Report suspicious characters.

Booter and Stresser Services Increase the Scale and Frequency of Distributed Denial of Service Attacks

Criminal actors offer distributed denial of service (DDoS)-for-hire services in criminal forums and marketplaces. These DDoS-for-hire services, also known as booters or stressers, are leveraged by malicious cyber actors, pranksters, and/or hacktivists to conduct largescale cyber attacks designed to prevent access to U.S. company and government Web sites. The FBI investigates these services as a crime if they are used against a Web site without the owner’s permission (such as for a legitimate stress test).


DDoS attacks are costly to victims and render targeted Web sites slow or inaccessible. These attacks prevent people from accessing online accounts, disrupt business activities, and induce significant remediation costs on victim companies. They also can cause businesses impacted by DDoS attacks to lose customers.
For example, in October 2016, one of the largest DDoS attacks to date targeted a domain name service (DNS) provider and impacted more than 80 Web sites primarily in the United States and Europe, causing them to become inaccessible to the public. The attack used a booter service and was attributed to infected Internet of Things (IoT) devices like routers, digital video recorders, and Webcams/security cameras to execute the DDoS attack1. Open source reports estimate the DNS provider lost approximately eight percent of its customers following the attack.

WHAT ARE BOOTER AND STRESSER SERVICES?
Booter and stresser services are a form of DDoS-for-hire--- advertised in forum communications and available on Dark Web marketplaces--- offering malicious actors the ability to anonymously attack any Internet-connected target. These services are obtained through a monetary transaction, usually in the form of online payment services and virtual currency. Criminal actors running booter and stresser services sell access to DDoS botnets, a network of malware-infected computers exploited to make a victim server or network resource unavailable by overloading the device with massive amounts of fake or illegitimate traffic.
These services can be used legitimately to test the resilience of a network; however, criminal actors use this capability to take down Web sites. Established booter and stresser services offer a convenient means for malicious actors to conduct DDoS attacks by allowing such actors to pay for an existing network of infected devices, rather than creating their own. Booter and stresser services may also obscure attribution of DDoS activity.
Regardless of whether someone launches a DDoS attack using their own command-and-control infrastructure (e.g., a botnet) or hires a booter and stresser service to conduct an attack, their transmission of a program, information, code, or command to a protected computer2 may result in criminal charges.

CONSEQUENCES OF PARTICIPATING IN THESE SCHEMES
The use of booter and stresser services to conduct a DDoS attack is punishable under the Computer Fraud and Abuse Act (18 U.S.C. § 1030), and may result in any one or a combination of the following consequences:
Seizure of computers and other electronic devices
Arrest and criminal prosecution
Significant prison sentence
Penalty or fine

HOW AND WHAT TO REPORT
The FBI requests DDoS victims contact their local FBI field office and/or file a complaint with the Internet Crime Complaint Center (IC3), regardless of dollar loss or timing of incident. Field office contacts can be identified at www.fbi.gov/contact-us/field. IC3 complaints should be filed at www.ic3.gov with the following details (if applicable):
Traffic protocol used by the DDoS (DNS, NTP, SYN flood, etc)
Attempt to preserve netflow and/or packet capture of the attack
Any extortion/threats pertaining to the DDoS attack
Save any such correspondence in its original, unforwarded format
Victim information
Overall losses associated with the DDoS attack
If a ransom associated with the attack was paid, provide transaction details, the subject’s email address, and/or crypto currency wallet address
Victim impact statement (e.g., impacted services/operations)
IP addresses used in the DDoS attack.

nEWS AND views

Windows Movie Maker Scam spreads massively due to high Google ranking
Courtesy www.WeLiveSecurity.com  Story by Peter Stanick 


11/9/17 - Scammers have been surprisingly sucessful at distributing a modified version of Windows Movie Maker that aims to collect money from unaware users. The spread of the scam (which itself is far from new) has been boosted by search engine optimization of the crooks’ website, as well as continuing demand for Windows Movie Maker, Microsoft’s free video editing software, discontinued since January 2017.


At the time of writing, the website spreading the modified software, ‘windows-movie-maker.org’, comes up as one of the top results when searching for “Movie Maker” and “Windows Movie Maker” on Google (using this browser, it ranks as number one in the majority of countries with the highest number of internet users). On Bing, the search engine with the second largest global market share, the website is also placed on the first page of results.
ESET security products detect the scam as Win32/Hoax.MovieMaker and block the website distributing it. We have notified both Google and Microsoft about the fraudulent nature of the high-ranking website (which was registered back in 2010). As a consequence of the website’s high search engine ranking, the crooks behind the scam have managed to reach a global “audience”, with the modified Windows Movie Maker emerging among the most prevalent threats in ESET’s telemetry in the past few days.


On November 5, 2017, Win32/Hoax.MovieMaker was the third most detected threat worldwide and the number one threat in Israel. As of November 6, our telemetry recorded many detections in the Philippines, in Israel, Finland and Denmark.


How the Windows Movie Maker Scam works
When users install the software offered on the above mentioned website, they get a functioning Windows Movie Maker. However, unlike the official and free Windows Movie Maker by Microsoft, this one claims to be a trial version that needs to be upgraded to a full version in order to offer all features. The user is repeatedly prompted to purchase the full version, first when the software is launched and later when the user tries to save a new document. In the latter case, the prompt prevents the user from continuing, making it appear as if saving a document was a paid feature. The price requested for the fake upgrade is set to $29.95, in what is presented as a 25% discount on the payment website used by the crooks.


How to stay safe from Windows Movie Maker Scam
If you’ve already installed the Movie Maker offered on windows-movie-maker.org, uninstall it and run a scan using a reputable antimalware solution.


To avoid falling victim to similar scams, always stick to official sources when downloading software. If you really need to use a piece of software that’s no longer distributed by its original maker, make sure you:
Use a reliable security solution to detect and block malicious content.
Consider using the official replacement for the discontinued software – in this case, Windows Story Remix.
Don’t pay for software that is or was officially offered for free. Information on software pricing should be available online.