Trustworthy Computing just released two papers on current issues: Determined Adversaries and Targeted Attacks Whitepaper This paper shares Microsoft’s insights into the threat that Determined Adversaries and Targeted Attacks pose, identifies challenges for organizations seeking to combat this threat category and provides a context for other papers that will directly address each of those. http://www.microsoft.com/en-us/download/details.aspx?id=34793…Details
You should spend 15 minutes on this TED talk â€“ really worth it!!
Exactly the right article for a weekend: May the (En)Force(ment) Be With You â€“ Security Lessons from Star Wars From applying security policies to DLP and effective user authentication, there are many infosecurity lessons to be learned from the classic space opera. Terry Greer-King of Check Point shows how companies can avoid the Empire’s mistakes…Details
New Consumerization of IT Test Lab Guide: Hyper-V Windows 8 corporate virtual machine on personal computer”
Our friends in France are currently working intensively on Test Lab Guides for Consumerization of IT. The next one was just released: New Consumerization of IT Test Lab Guide: Hyper-V Windows 8 corporate virtual machine on personal computer” This is the overview: Thinking about Consumerization of IT (CoIT) necessarily leads to some security and management…Details
Paper: Information Protection and Control (IPC) in Office 365 Preview with Windows Azure AD Rights Management
As you know, protecting your information in the cloud is key. We just published a paper called Information Protection and Control (IPC) in Office 365 Preview with Windows Azure AD Rights Management. Here is the summary: Due to increased regulation, the Consumerization of IT (CoIT) and the “Bring Your Own Device” (BYOD), the explosion of…Details
A while ago, when I was travelling a journalist told me that he never pays for our software as he can easily download a tool to crack Windows XP (he was still running XP). We had an interesting discussion afterwards (besides the fact that he showed me how he steals our goods) about security. He…Details
Wow, that’s an interesting question: Let’s say a Canadian flies from New York to Tokyo on Korean Air and hacks the German tourist’s computer seated in front of her while over the Pacific. Who’s laws apply? (Canada, US, Japan, Korea, Germany?) I mean, we have a hard time answering this question if everybody is grounded…Details
I am a huge fan of DirectAccess â€“ especially as a user. This means mainly, that I love it as a user as I do not have to care anymore about where I am connected â€“ my notebook immediately connects to our Microsoft Corporation’s network. Ages ago, when we ran the pilot I was already…Details
End of July we issued the fourth MSRC progress report showing not only the work we did on the Security Updates but with all the different programs with run out of MSRC as well. I guess this could be interesting for you as well: Microsoft Security Response Center (MSRC) Progress Report
Yesterday I blogged about the Security Advisory â€“ Update For Minimum Certificate Key Length. I would like to take the opportunity to give some more information on it. The reaction on the advisory is interesting so far. Some customers expect mainly older applications to run into a problem. Others tell us that they mandated 2k…Details
As you know, I rarely blog about Security Advisories or updates but this time, I want to make sure that you saw that: We released the Microsoft Security Advisory (2661254) – Update For Minimum Certificate Key Length to make you aware of the fact that we will restrict usage of all certificates with RSA keys…Details
This would really be outstanding!! Swiss scientists develop algorithm to sniff out the source of malware and spam attacks
Especially if it can be used by the police to get them!
One of the most prevalent threats we are currently seeing in a lot of countries is SypEye. The Microsoft Malware Protection Center just published a report providing an overview of the malware: This Microsoft Malware Protection Center (MMPC) Threat Report provides an overview of the Win32/EyeStye (a.k.a. SpyEye) family of malware. The report examines the…Details
A very good video from Sophos on DNSChanger:
When I was talking to governments about Flame a few weeks ago, they typically told me that they do not see a lot but that they are heavily concerned about SpyEye and other banking trojans. It is now reflected in this article:
In the meantime I guess that most of us agreed that Consumerization of IT or Bring Your Own Device or how ever you want to call this will become a reality â€“ probably rather sooner than later. In the meantime our team in France published a few papers/guides, which are definitely worth looking at: I…Details
Yesterday we all had a very long day: We hosted the EU Cybersecurity and Digital Crimes Forum in Brussels. At lot of government elites from all across Europe attended and were part of very intense discussions. It was obvious that people really are serious about cyber-whatever and that actions are being taken. I think that…Details
What about using Bitlocker???? Laptop lost with data for more than 2,000 patients, Boston Childrenâ€™s reports
One such incident probably pays your Windows 7 migration project â€“ no?
Last October I blogged about EMETâ€“Protection Against Zero-Days â€“ a really great tool to protect your environment. We just released a new version, which can be downloaded here: Enhanced Mitigation Experience Toolkit v3.0. Before you test it, make sure you have your Bitlocker recovery key ready (or â€“ before the next reboot, suspend Bitlocker and…Details