Roger Halbheer on Security
A while ago, when I was travelling a journalist told me that he never pays for our software as he can easily download a tool to crack Windows XP (he was still running XP). We had an interesting discussion afterwards (besides the fact that he showed me how he steals our goods) about security. He…
DetailsI think that this is actually a fairly good overview of the privacy settings on Facebook and how you should set them:
How to secure your Facebook account
Roger
Wow, that’s an interesting question: Let’s say a Canadian flies from New York to Tokyo on Korean Air and hacks the German tourist’s computer seated in front of her while over the Pacific. Who’s laws apply? (Canada, US, Japan, Korea, Germany?) I mean, we have a hard time answering this question if everybody is grounded…
DetailsI am a huge fan of DirectAccess – especially as a user. This means mainly, that I love it as a user as I do not have to care anymore about where I am connected – my notebook immediately connects to our Microsoft Corporation’s network. Ages ago, when we ran the pilot I was already…
DetailsEnd of July we issued the fourth MSRC progress report showing not only the work we did on the Security Updates but with all the different programs with run out of MSRC as well. I guess this could be interesting for you as well: Microsoft Security Response Center (MSRC) Progress Report
Roger
Yesterday I blogged about the Security Advisory – Update For Minimum Certificate Key Length. I would like to take the opportunity to give some more information on it. The reaction on the advisory is interesting so far. Some customers expect mainly older applications to run into a problem. Others tell us that they mandated 2k…
DetailsAs you know, I rarely blog about Security Advisories or updates but this time, I want to make sure that you saw that: We released the Microsoft Security Advisory (2661254) – Update For Minimum Certificate Key Length to make you aware of the fact that we will restrict usage of all certificates with RSA keys…
DetailsThis would really be outstanding!! Swiss scientists develop algorithm to sniff out the source of malware and spam attacks
Especially if it can be used by the police to get them!
Roger
One of the most prevalent threats we are currently seeing in a lot of countries is SypEye. The Microsoft Malware Protection Center just published a report providing an overview of the malware: This Microsoft Malware Protection Center (MMPC) Threat Report provides an overview of the Win32/EyeStye (a.k.a. SpyEye) family of malware. The report examines the…
DetailsWhen I was talking to governments about Flame a few weeks ago, they typically told me that they do not see a lot but that they are heavily concerned about SpyEye and other banking trojans. It is now reflected in this article:
New bank theft software hits three continents
Roger
In the meantime I guess that most of us agreed that Consumerization of IT or Bring Your Own Device or how ever you want to call this will become a reality – probably rather sooner than later. In the meantime our team in France published a few papers/guides, which are definitely worth looking at: I…
DetailsYesterday we all had a very long day: We hosted the EU Cybersecurity and Digital Crimes Forum in Brussels. At lot of government elites from all across Europe attended and were part of very intense discussions. It was obvious that people really are serious about cyber-whatever and that actions are being taken. I think that…
DetailsWhat about using Bitlocker???? Laptop lost with data for more than 2,000 patients, Boston Children’s reports
One such incident probably pays your Windows 7 migration project – no?
Roger
Last October I blogged about EMET–Protection Against Zero-Days – a really great tool to protect your environment. We just released a new version, which can be downloaded here: Enhanced Mitigation Experience Toolkit v3.0. Before you test it, make sure you have your Bitlocker recovery key ready (or – before the next reboot, suspend Bitlocker and…
DetailsI guess, I do not have to comment this – right? What Microsoft can teach Apple about security response To quote the summary: Microsoft just released seven security updates to fix 23 vulnerabilities in Windows and other products. In February, Apple released a massive update that covered 51 vulnerabilities and also introduced an embarrassing security…
DetailsA few days ago, Windows Defender Offline was released. This is basically the tool to use, if you are unable to remove malware from a running PC. To quote the website: Sometimes, malicious and other potentially unwanted software, including rootkits, try to install themselves on your PC. This can happen when you connect to the…
DetailsBring Your Own Device or Consumerization of IT are fairly hot themes in a lot of customer organizations. When I talk to customers, there are typically different reactions, once we bring this up. Some tell us, that it is not part of their strategy; some tell us that they plan to do it but that…
DetailsWhen people look at attackers, they always think that they are extremely smart people. There are really smart people building the kits but the ones applying it? Well, you just need the right guidance:
Hacker’s Tiny Spy Computer Cracks Corporate Networks, Fits In An Altoid Tin
Fairly easy, isn’t it?
Roger
I am following Shoaib’s blog since quite a while – actually due to the beauty of the Internet, we only met virtually so far . He just posted on his blog: 5 Common Types of Security Professionals I really like this post. The way he categorizes them is: The NO-MASTER The By-The-Book Preacher The Dinosaur…
Details