How to secure your Facebook account
I think that this is actually a fairly good overview of the privacy settings on Facebook and how you should set them:
How to secure your Facebook account
Roger
Hacking on the plane: who has jurisdiction?
Wow, that’s an interesting question: Let’s say a Canadian flies from New York to Tokyo on Korean Air and hacks the German tourist’s computer seated in front of her while over the Pacific. Who’s laws apply? (Canada, US, Japan, Korea, Germany?) I mean, we have a hard time answering this question if everybody is grounded…
DetailsDirect Access and Virtual Smartcard
I am a huge fan of DirectAccess – especially as a user. This means mainly, that I love it as a user as I do not have to care anymore about where I am connected – my notebook immediately connects to our Microsoft Corporation’s network. Ages ago, when we ran the pilot I was already…
DetailsMicrosoft Security Response Center: Progress Report
End of July we issued the fourth MSRC progress report showing not only the work we did on the Security Updates but with all the different programs with run out of MSRC as well. I guess this could be interesting for you as well: Microsoft Security Response Center (MSRC) Progress Report
Roger
UPDATE: Security Advisory – Update For Minimum Certificate Key Length
Yesterday I blogged about the Security Advisory – Update For Minimum Certificate Key Length. I would like to take the opportunity to give some more information on it. The reaction on the advisory is interesting so far. Some customers expect mainly older applications to run into a problem. Others tell us that they mandated 2k…
DetailsSecurity Advisory – Update For Minimum Certificate Key Length
As you know, I rarely blog about Security Advisories or updates but this time, I want to make sure that you saw that: We released the Microsoft Security Advisory (2661254) – Update For Minimum Certificate Key Length to make you aware of the fact that we will restrict usage of all certificates with RSA keys…
DetailsToo Good to be True – Criminals Beware!
This would really be outstanding!! Swiss scientists develop algorithm to sniff out the source of malware and spam attacks
Especially if it can be used by the police to get them!
Roger
Background Information on SpyEye
One of the most prevalent threats we are currently seeing in a lot of countries is SypEye. The Microsoft Malware Protection Center just published a report providing an overview of the malware: This Microsoft Malware Protection Center (MMPC) Threat Report provides an overview of the Win32/EyeStye (a.k.a. SpyEye) family of malware. The report examines the…
DetailsBanking Trojan hits banks globally
When I was talking to governments about Flame a few weeks ago, they typically told me that they do not see a lot but that they are heavily concerned about SpyEye and other banking trojans. It is now reflected in this article:
New bank theft software hits three continents
Roger
Consumerization of IT
In the meantime I guess that most of us agreed that Consumerization of IT or Bring Your Own Device or how ever you want to call this will become a reality – probably rather sooner than later. In the meantime our team in France published a few papers/guides, which are definitely worth looking at: I…
DetailsTackling Cybersecurity Together
Yesterday we all had a very long day: We hosted the EU Cybersecurity and Digital Crimes Forum in Brussels. At lot of government elites from all across Europe attended and were part of very intense discussions. It was obvious that people really are serious about cyber-whatever and that actions are being taken. I think that…
DetailsLaptop lost with data for more than 2,000 patients, Boston Children’s reports
What about using Bitlocker???? Laptop lost with data for more than 2,000 patients, Boston Children’s reports
One such incident probably pays your Windows 7 migration project – no?
Roger
New EMET Version
Last October I blogged about EMET–Protection Against Zero-Days – a really great tool to protect your environment. We just released a new version, which can be downloaded here: Enhanced Mitigation Experience Toolkit v3.0. Before you test it, make sure you have your Bitlocker recovery key ready (or – before the next reboot, suspend Bitlocker and…
DetailsWhat Microsoft can teach Apple about security response
I guess, I do not have to comment this – right? What Microsoft can teach Apple about security response To quote the summary: Microsoft just released seven security updates to fix 23 vulnerabilities in Windows and other products. In February, Apple released a massive update that covered 51 vulnerabilities and also introduced an embarrassing security…
DetailsWindows Defender Offline
A few days ago, Windows Defender Offline was released. This is basically the tool to use, if you are unable to remove malware from a running PC. To quote the website: Sometimes, malicious and other potentially unwanted software, including rootkits, try to install themselves on your PC. This can happen when you connect to the…
DetailsConsumerization of IT–How to address this
Bring Your Own Device or Consumerization of IT are fairly hot themes in a lot of customer organizations. When I talk to customers, there are typically different reactions, once we bring this up. Some tell us, that it is not part of their strategy; some tell us that they plan to do it but that…
DetailsBuild your own sniffing kit
When people look at attackers, they always think that they are extremely smart people. There are really smart people building the kits but the ones applying it? Well, you just need the right guidance:
Hacker’s Tiny Spy Computer Cracks Corporate Networks, Fits In An Altoid Tin
Fairly easy, isn’t it?
Roger
5 Common Types of Security Professionals
I am following Shoaib’s blog since quite a while – actually due to the beauty of the Internet, we only met virtually so far . He just posted on his blog: 5 Common Types of Security Professionals I really like this post. The way he categorizes them is: The NO-MASTER The By-The-Book Preacher The Dinosaur…
DetailsQ1 Software Vulnerabilities
This was an interesting article on cio.com: Apple, Oracle, Google Lead Major Vendors with Software Vulnerabilities in Q1, Security Report Says – by TrendMicro. Now, these stats are always a bit a challenge: They make a really good headline but if the statistics does not include the severity of the vulnerabilities, it is hard to…
Details