



Dec 27, 2012

atheenalie Profile

Recent Posts

Laval, QC

Microsoft uncovers Sefnit Trojan return after Groupon cli... k/v3-uk/news/22970 27/microsoft-uncov ers-sefnit-trojan- return-after-group on-click-fraud-sca m

The authors of the notorious Sefnit Trojan have resurfaced using advanced infection and click-fraud techniques to earn vast sums of money through bogus advertising, according to Microsoft. Microsoft antivirus researcher Geoff McDonald reported discovering an evolved version of the Sefnit Trojan, which takes money by targeting popular websites, such as Groupon.

In a blog post on the company's Malware Protection Centre, McDonald wrote: "The Sefnit click-fraud component is now structured as a proxy service based on the open-source 3proxy project. The botnet of Sefnit-hosted proxies are used to relay HTTP traffic to pretend to click on advertisements. In this way, the new version of Sefnit exhibits no clear visible user symptoms to bring attention to the botnet. This allowed them to evade attention from anti-malware researchers for a couple years.

"The Sefnit botnet uses the hosted 3proxy servers to redirect internet traffic and perform fake advertisement clicks. A recorded example of this click-fraud path is shown below by using the legitimate affiliate search engine to simulate a search for ‘cat’ and fake a click on an advertisement provided by Google to defraud the advertiser Groupon."

He said the technique allowed the criminals behind the malware to increase the revenue they made using the scam. "The end result is Groupon paying a small amount of money for this fake advertisement ‘click’ to Google. Google takes a portion of the money and pays the rest out to the website hosting the advertisement – Mywebsearch. The Sefnit authors likely signed up as an affiliate for Mywebsearch, resulting in the Sefnit criminals then receiving a commission on the click."

A Groupon spokesperson told V3 the company actively monitors its network for any illicit activity. "We actively monitor our thousands of global affiliate marketers, and those who violate the rules are removed from the programme."

McDonald said Microsoft uncovered evidence linking Sefnit to the Mevade malware used in the world's first large-scale Tor botnet. "Recently Trojan:Win32/Mevade made news for being the first large botnet to use Tor to anonymise and hide its network traffic. Within a few weeks, starting mid-August, the number of directly connecting Tor users increased by almost 600 percent – from about 500,000 users per day to more than three million," he wrote. "Last week we concluded, after further review, that Mevade and Sefnit are the same family and our detections for Mevade have now been moved to join the Sefnit family."

As well as its links to Mevade, McDonald said the attack is also using a host of new custom-built components to improve its infection rate. "This latest version of Sefnit shows they are using multiple attack vectors, even going as far as writing their own bundler installers to achieve the maximum number of infections that make this type of click fraud a financially viable exercise," he wrote. "The authors have adapted their click-fraud mechanisms in a way that takes user interaction out of the picture while maintaining the effectiveness. This removal of the user-interaction reliance in the click-fraud methodology was a large factor in the Sefnit authors being able to stay out of the security researchers' radars over the last couple of years."

Sefnit is one of many variations of malware to receive technical upgrades in recent months. Earlier this month FireEye researchers reported discovering a reworked version of the Darkleech campaign targeting Java and Adobe vulnerabilities to spread the Reveton ransomware.

Read Related Content Here: http://www.socialp opic/23320/Abney-a nd-Associates-Frau d-Watch_-Watch-for ml http://www.topix.c om/forum/business/ TAFDGLA1AGHF339F5  (Oct 1, 2013 | post #1)

Toronto, ON

Secure Your Computer In Seven Steps | Abney and Associate...

Source: /posts/secure-your -computer-in-seven -steps-abney-and-a ssociates-news-rev iew--2

While handheld devices such as smartphones and tablets provide new ways for us to leverage technology, computers are often still the primary tool we use for our professional and personal lives. As a result, your computer, whether at work or at home, still remains a primary target for cyber criminals. By following these simple steps, you can help secure your computer and protect it against most known attacks.

1. STARTING SECURE

The first step to a secure computer is starting with a computer you can trust. If you purchased a new computer directly from a well-known vendor, then you should be able to trust it and the pre-installed software. If you have purchased a used computer, then do not trust it. The used computer may have been accidentally (or intentionally) infected by the previous owner. Trying to secure a computer that is already infected does no good. The first step you should take after acquiring a used computer is to reformat the hard drive and reinstall the operating system (be sure to ask someone you trust for help if you are not sure how to do this).

2. UPDATING

The next step is updating your computer. Cyber attackers are always identifying new weaknesses in computers and their applications. When computer and software vendors learn about these new vulnerabilities, they develop and release fixes, called updates or patches, to fix the problem. When you purchase a new computer or reinstall the operating system, your computer is most likely already out of date. As such, the first step you want to take is to connect to the Internet and update your computer’s operating system. Be sure that when you do connect to the Internet, your new computer is protected behind a firewall or home Wi-Fi access point. In addition, most computer operating systems, including Windows and OS X (and even many applications), have an automatic updating feature built in. Enable automated updating to check for updates at least once a day; this helps ensure your computer will remain updated and secure. If a vendor releases a patch that you have to manually install, be sure to install it as soon as possible.

3. SECURITY SOFTWARE

Once your computer is updated you want to ensure you have security software installed and enabled. The two most common types of security software are anti-virus and firewalls. Anti-virus helps identify infected files you may have downloaded or shared with others and stops these malicious files from harming your computer. Firewalls act like a virtual policeman; they determine who can and cannot talk to your computer. Many security vendors now offer entire security software suites that include firewall, anti-virus and other software options. You may want to consider purchasing an entire security package.

4. ACCOUNTS

Every person that has authorized access to your computer should have their own separate account protected by a unique, strong password. Never share accounts. If this is a personal computer for home use, create a separate account for each member of your own family, especially children. This way you can apply different controls to each user (such as parental controls for your children) and track who did what. In addition, grant each user the minimum privileges they need to use the computer. Never give someone administrative access unless they absolutely need it, including yourself. Only use administrative privileges when you need them, such as to install software or change a system configuration.

Related Articles: http://atheenalie. /Reviews-by-Abney- and-Associates-Cod e-85258081704-3713 77544 http://studfyler.s Ydv5DJ4-abney-asso ciates-technology- hong-kong-review.h tml  (May 24, 2013 | post #1)

Hamilton, ON

Reviews by Abney and Associates, Code 85258081704

http://communities ney-associates-aa

The US Federal Trade Commission has carried out a huge international crackdown on a number of "tech support" scams being run out of India which have conned people in the UK, US, Canada and elsewhere out of millions of pounds since 2008.

As explained by the Guardian in 2010, the scams used "boiler room" tactics, dialling through phone books for English-speaking countries. People who answered the phone were told the call came from Microsoft or their internet service provider, and that the person's computer was "reporting viruses". The caller would then perform an unnecessary "fix" on the computer and charge the person for it – and sometimes sign them up to multi-year "support" contracts. The cost could run to hundreds of pounds. People in the US, UK, Canada, Australia and New Zealand were targeted because they, like the people carrying out the scam, are English-speaking. The Guardian understands that the scam was worth millions of pounds a year to the organised gangs carrying it out.

At the FTC's request in six cases, a federal district judge froze the US assets of 17 people and 14 companies that have been accused of taking part in the operations. The FTC has also shut down 80 internet domain names and 130 phone numbers used in the US to carry out the scams. The FTC is seeking an end to the scams, and repayments for people who were conned out of money.

Though the FTC said it could not put a figure on how many people had been scammed, or how much they had lost, Microsoft – which has been working with the commission for the past two years to try to catch the criminals – provided data on more than a thousand people who had been scammed, whose losses averaged $875 each. Microsoft has repeatedly pointed out that it would not call people about any problems with their computers. In some cases, the scammers would try to sell antivirus software from reputable companies, and in some cases would install new copies of Windows on a machine. However the licence key used on the software allowed Microsoft to trace it back to its buyer, which aided the investigation.

The fraud occurred in several English-speaking countries. Joining the FTC in the enforcement action were the Australian Communications and Media Authority, the Canadian Radio-Television and Telecommunications Commission and the UK's Serious Organised Crime Agency. David Vladeck, director of the FTC's Bureau of Consumer Protection, said it was working with law enforcement officials in India to catch the alleged perpetrators. The commission has also referred the cases to the US justice department for possible criminal prosecution.

Source: /books/637051-Abne y-Associates-FTC-c racks-down  (May 12, 2013 | post #1)

Hamilton, ON

Abney Associates News Blog Warning-Slideboom

http://www.slidebo ns/758714/Abney-As sociates-News-Blog -Warning-Newsvine

Abney Associates News Blog Warning: Foiling Phishing With Authentication

In its new report on using e-mail authentication to fight phishing attacks, BITS offers a list of best practices and recommendations, including expanded use of the DMARC security protocol. BITS, the technology policy division of The Financial Services Roundtable, believes that the Domain-based Message Authentication, Reporting and Conformance protocol plays a key role in mitigating phishing schemes. DMARC standardizes how e-mail receivers perform e-mail authentication by providing a uniform reporting mechanism that's built on reputation.

"DMARC is pretty helpful in a couple of different areas," says Andrew Kennedy, senior program manager for BITS' security initiatives, in an interview with Information Security Media Group [transcript below]. Kennedy sees DMARC as an overlay of the Sender Policy Framework [SPF] and DomainKeys Identified Mail [DKIM] protocols, which aid in e-mail authentication. "If there was an authentication failure for one of those protocols, it leaves you in the lurch if you don't have a policy in place to deal with that, and DMARC helps close the gap there," he says.

Read also: http://www.shelfar 5/discussions/4864 35/Reviews-by-Abne y-and-Associates-C ode-85258081704-%E 2%80%93-Edubl http://www.shelfar 5/discussions/4861 74/Computer-securi ty-is-an-abstract- benefit-%E2%80%98- abney-and-ass /posts/abney-assoc iates-news-blog-wa rning-foiling-phis hing-with-authenti cation http://hansximilai 49994056067/abney- associates-news-bl og-warning-foiling -phishing http://www.funnyju res/4579839/Abney+ Associates+News+Bl og+Warning http://sertaberene news/2013/05/09/18 141023-abney-assoc iates-news-blog-wa rning-foiling-phis hing-with-authenti cation-funnyjunk  (May 9, 2013 | post #1)

Hamilton, ON

Hong Kong Cyber War Abney and Associates Internet

Enjoyed reading your articles. This is truly a great read for me.  (Feb 20, 2013 | post #2)

Hamilton, ON

an abney associates technology

Greetings! I’m bored to death at work so I decided to browse your site on my iPhone during lunch break. I really like the info you provide here and can’t wait to take a look when I get home. I’m surprised at how quick your blog loaded on my mobile .. I’m not even using Wi-Fi, just 3G .. Anyways, very good site and posts too!  (Feb 3, 2013 | post #2)

Hamilton, ON

Ignored lessons in economic development

Excellent article, covers a lot of ground. I’ve found a great article. Thanks.  (Jan 13, 2013 | post #2)

Hamilton, ON

ARTICLE - OSHA Instructors, bill abney and associates, ab...

A great day and very explicit information.  (Dec 27, 2012 | post #3)