Microsoft Security Intelligence Report v23 available!

I still remember the first one and now we reach version 23… It has a lot of insights into the malware and cybercrime landscape with really actionable recommendations. The Microsoft Security Intelligence Report can be accessed in different ways: Infographic – https://aka.ms/SIRv23Info Full Report – https://aka.ms/SIRv23 Webinar (April 10th at 10 am PDT) – https://aka.ms/SIRv23webcast…

Ordering Technology Off a Government Organization

I guess we all read the news of President Trump ordering governmental organizations to migrate off any Kaspersky security software ASAP. This is basically an interesting move as it highlights the challenges regarding supply chain security, however, is this an effective was to protect an organization? I hope President Trump and/or his advisors consider a…

Spread of Eternal Blue – Patching Still a Huge Issue

Back in the early days at Blaster we told the customers that they must do three things: Switch on your firewall Apply security updates Have an anti-virus software installed and keep it updated It seems that even after Wannacry and Petya people have not learned, yet: Look at these statistics with computers still being vulnerable…

Attacks on the Critical Infrastructure happen!

It is not new that in December 2015 and December 2016 Ukraine suffered a power outage due to a cyber-attack. Researchers now figured out that both attacks leveraged the same framework to base their attacks on. It is not as sophisticated as Stuxnet for different reasons (only leverages one vulnerability, the way it communicated, etc.)…

Criminals getting closer to State Actors

A few years ago, we saw a clear difference between state actors and criminals looking at the technologies and procedures they applied attacking an environment. Over time we have seen these two groups coming closer together. In the meantime, criminals seem to have caught up. They started to use more sophisticated and targeted malware and…

Shortage of Cybersecurity Workforce to Increase – An Opportunity for Managed Services

One of the discussions I have with a lot of customers is around managed security services. Especially themes like Security Operation Centers seem to be fairly emotional as quite some customers want to build and run one themselves (and yes, I know the challenges around regulation). One of the points I often make is the…