The Enhanced Mitigation Experience ToolkitÂ is definitely not new but I recently realized that not too many people know about it â€“ and they should. EMET helps you to raise your shields against zero-days and any exploit in the wild. I do not say that it is a silver bullet but it is definitely going…Details
A lot changed in the IT and regulatory world when it comes to the cloud. A few years ago, banks would nto even think about the cloud (maybe for dev and test but for sure not for production workloads. It was simply unthinkable that a bank would move their data in a hyper-scale cloud. And…Details
When I talk with customers about the Cloud, we always talk about a few key themes: Identity: I am convinced that you need to be able to federate your identity from your on premise solutions to the cloud. You will want to control the process of decommissioning an identity and want to make sure that…Details
If you have not read, yet about Confidential Computing, you definitely should. This can be a real game-changer in how to deal with sensitive data in the cloud.
Mark Russinovich held a Microsoft Mechanics session at Ignite on that – 15 minutes well spent. Watch yourself:
I just want to make you aware the Windows 2000 and Windows XP SP2 are going out of support. There are a few good blog post you should look at: End of Support for Windows XP SP2 and Windows Vista (with no service packs installed) End of support for Windows 2000 and Extended Support phase…Details
I often have the opportunity to keynote events on security. I rarely want to talk about products but much more about the way I see the development around security on the Internet. The reason why I do this presentation the way you see below is, that threats change and criminals evolved (and will still evolve)…Details
This is kind of interesting: IDC reports endpoint security market is booming, but isn’t antivirus dead? I am still deeply convinced that Anti-Virus by itself does not add a lot of value. You can use better technology to protect against malware (see Is Anti-Virus Technology Dead?). If I see that this market is still predicted…Details
Following the attacks on Estonia, they published a pretty interesting paper called Cyber Security Strategy by the Ministry of Defense in Estonia. One thing which I see again and again is that most of the people looking into such strategies conclude that strong collaboration is needed between the different players as well as across country…Details
Forbes posted: The World’s Most Ethical Companies. I quote: The Ethisphere Institute, a New York City think tank, has just announced its fifth annual list of the World’s Most Ethical Companies. The selection, open to every company in every industry around the globe, gives its winners an opportunity to trumpet their do-gooding ways. It is…Details
I recently had the great opportunity to join the Europol High Tech Crime Experts Meeting 2008 in Den Haag. This is mainly a get together of the High Tech Crime leads of the EU Law Enforcement agencies and countries where they have a close relationship with (e.g. Switzerland, Norway, Canada etc). Additionally there are a…Details
After the launch of different products for the consumer, businesses and in the Cloud, Steve Ballmer opened CES today in Las Vegas. You should look at it. There are a few very cool announcements
As Threat Intelligence is one of the key assets to be built in companies, the right information sources will be key. The challenge there is not only to get information but to transform it into actionable intelligence. It needs to be targeted to the industry you are working in as well as to the situation…Details
Just a quick one. I was aware that a few data points in an anonymized data set can already be enough to identify a single person. However, what you can get out of Facebook is amazing. If you do not know it yet, go to https://applymagicsauce.com/ and apply the magic to your Facebook profile. Just…Details
This is actually a great development to fight Child Porn:
Facebook adopts PhotoDNA and joins Microsoft and The National Center for Missing & Exploited Children to disrupt the proliferation of online child exploitation.
You find the information here.
A teacher in the US reached a settlement with his former employer regarding an age discrimination suit. It was agreed that the $80k settlement should remain confidential. However, the teacher informed the court that they had to tell their daughter “something”. Which led the girl to post on Facebook (“only” to her 1200 “friends”): Mama…Details
Long time no blogâ€¦ I know. It was a fairly busy and very intense time. Since quite a while I am using a password manager since a long time for “not so critical” passwords. It is could-based and helps me a lot from a convenience point of view. However, it has one single caveat: the…Details
Recently a (at least for me) new phenomenon appeared on the web: Faked data breaches. As the announcement of a data breach typically draws a lot of attention, it is just to be expected that faked announcements will hit the web. Additionally in a lot of media like Twitter and Facebook, speed is more important…Details
To be clear upfront: I think that our political system is amongst the best across the Globe. It is one of the purest systems to reflect a democratic process in a direct democracy. This is shown in special initiatives like the “Hornkuh Initiative”, where on farmer from the Swiss mountains found enough support for his…Details
Microsoft Malware Protection Center published a document on Battling the Zbot Threat, a special edition of the Security Intelligence Report. It is a very good document, worth looking at. This is the intro (to make you curious for more): This document provides an overview of the Win32/Zbot family of password-stealing trojans. The document examines the…Details
I often read two kinds of articles when it comes to ISPs and protecting privacy. In side asks for as much privacy as possible, the other one for transparency to fight cybercrime. What is our real goal? What is the role of ISPs in fighting crime? An interesting study by the OECD in comparison with an article I read today.Details