Before joining Microsoft a little bit more than 10 years ago, I ran a team at PricewarehoureCoopers on e-Business Risk Management – classical security consulting in the Internet bubble time. When I announced that I will leave PwC and join Microsoft, I got interesting reactions (and remember, this was 2001). Mainly they were along . . . → Read More: 10 Years of Trustworthy Computing at Microsoft
I know, I have been fairly slow in blogging currently but I was fairly busy with a few cool projects (which I will disclose later) and – time flies if you are having fun
Just a quick one:
The MMPC on Facebook and Twitter
The Microsoft Malware Protection Center (MMPC) officially launched its Facebook page . . . → Read More: Microsoft Malware Protection Center on Facebook and Twitter
To me, one of the benefits of moving to the Cloud is security – obviously besides availability and costs.
Recent incidents made me doubt:
Amazon not only having significant downtime but in the same time losing customer data. Sony’s game network being significantly compromised.
This is definitely not to blame them but I was heavily . . . → Read More: Cloud computing providers: Clueless about security?
Usually I blog intensively on the release of the Security Intelligence Report. However, this time I am out of office and have just little time to give you insight. We spent a lot of work to make it more comprehensive and give you a more stable view over quite some time. So there is a . . . → Read More: Security Intelligence Report v9 is online
This is always a fairly emotional theme. What is better to protect the ecosystem? Public or private disclosure? Should somebody paying for vulnerabilities or not? Is a vulnerability auction ethical or not?
I know that there are numerous views on that and I do not want to debate them here and now. What I just . . . → Read More: How to Deal With Vulnerabilities
I recently came across a paper called Shadows in the Cloud, which is actually a follow-up report of Tracking GhostNet: Investigating a Cyber Espionage Network, an investigation of the attacks on the office of the Dalai Lama and some governmental bodies. The report is written by two bodies who had the privilege to investigate those . . . → Read More: A Detailed Analysis of an Attack – Do We Need an International Incident Sharing Database?