If you like Scott Chaney’s suggestion he made at ISSE this week called Collective Defense – Applying Public Health Models to the Internet he raised very good points about the different roles the participants in the Internet Health Ecosystem have to play. Into that, the following article fits in fairly nicely: Comcast to notify subscribers with infected PCs . . . → Read More: Responsibility of ISPs for the ecosystem?
It is an interesting and difficult question. What can we do to really be able to stay on top? Or shall we give up? Well, clearly, I do not think so.
I read this article today, which really made me think: Black Hats are Winning, Symantec Says – wow! A fairly clear statement. We lost . . . → Read More: Are We Losing the Fight Against Cybercrime?
You know my opinion on collaboration between countries, on public-private-partnerships as well as on collaboration between companies.
Since quite a while we run a program called MAPP – the Microsoft Active Protections Program, where we share vulnerability information with security vendors to help them to get signatures out to our joint customers the moment we . . . → Read More: Microsoft and Adobe: Collaboration Against Threats
One of the biggest challenges in Critical Infrastructure Protection or Incident Response is collaboration. Collaboration between the public and the private sector as the private sector is most often running the critical infrastructure; collaboration between different governments as well as incidents do not tend to stop at a country’s border.
Now, planning for such . . . → Read More: The Importance of International Collaboration–Even in Exercises
“Unfortunately” I have been on vacation when we released the Security Intelligence Report last week. Nevertheless I would like to take the opportunity and look at it more from a EMEA perspective.
One of the interesting data points we always publish is the Malware Infection Rate. Remember, there is a huge amount of data we . . . → Read More: Microsoft Security Intelligence Report – What it means for EMEA
I recently came across a paper called Shadows in the Cloud, which is actually a follow-up report of Tracking GhostNet: Investigating a Cyber Espionage Network, an investigation of the attacks on the office of the Dalai Lama and some governmental bodies. The report is written by two bodies who had the privilege to investigate those . . . → Read More: A Detailed Analysis of an Attack – Do We Need an International Incident Sharing Database?
On February 24th we announced the work we did on taking down Waledac – read Tim Cranton’s blog post called Cracking Down on Botnets.
Now it is time to look back and try to understand what we learned so far. sudosecure traces the Waledac infections and give a good view of new infections by the . . . → Read More: Results of Operation b49 (Botnet Takedown)
To start with: I am an engineer not a lawyer – and this might be part of the problem…
When I started to think about the Cloud and security and thought about all the work I do with Law Enforcement and the challenges they face. Additionally, I started to think about the legal challenges we . . . → Read More: Legal Challenges of International Business and the Cloud