Still relying on the network? It is the user!

It is not the first time I am talking about Zero Trust here. And often it is absolutely clear to the customers that the next perimeter is the identity and not necessarily the network to the same extent anymore. Read this article: More Than 99% of Cyberattacks Need Victims’ Help – the network protection will…

How to leverage “Secure Access Workstations” for the Cloud

This is a questions I get fairly often. But before I try to answer, let’s take a step back: We know that attackers typically try to compromise user accounts and then move laterally until they find higher-value credentials. The holy grail in this movement is typically and administrator who uses his admin account to surf…

Targeted Attacks – a Video Series

Trustworthy Computing in partnership with Microsoft IT, Microsoft Consulting and the product groups just released a series of videos on targeted attacked and how to defend.

I would definitely urge you to listen to them and make sure you implement the countermeasures: Targeted Attacks Video Series

Roger

UPDATE: Security Advisory – Update For Minimum Certificate Key Length

Yesterday I blogged about the Security Advisory – Update For Minimum Certificate Key Length. I would like to take the opportunity to give some more information on it. The reaction on the advisory is interesting so far. Some customers expect mainly older applications to run into a problem. Others tell us that they mandated 2k…

Security Advisory – Update For Minimum Certificate Key Length

As you know, I rarely blog about Security Advisories or updates but this time, I want to make sure that you saw that: We released the Microsoft Security Advisory (2661254) – Update For Minimum Certificate Key Length to make you aware of the fact that we will restrict usage of all certificates with RSA keys…

What Microsoft can teach Apple about security response

I guess, I do not have to comment this – right? What Microsoft can teach Apple about security response To quote the summary: Microsoft just released seven security updates to fix 23 vulnerabilities in Windows and other products. In February, Apple released a massive update that covered 51 vulnerabilities and also introduced an embarrassing security…