• Accenture
  • Cybercrime
    • Crime
    • Terrorism
  • Fun
  • Government
    • Critical Infrastructure Protection
    • Law Enforcement
    • Legislation
  • Industry
    • Associations
    • Cloud Computing
    • Consumerization of IT
    • Events/Trainings
    • General
    • Incidents
    • Internet of Things
    • Open Source
    • Outsourcing
    • Piracy
    • Social Media
    • Technology
    • Trends
  • Intergovernmental Organizations
  • Microsoft
    • Cloud Computing
    • Consumer
    • Incidents
    • Partner
    • Processes
    • Products
    • Strategy
  • Privacy
  • Security
    • People
    • Policy
    • Process
    • Technology
Catagories
Roger Halbheer on SecurityRoger Halbheer on Security
Roger Halbheer on Security
Information Security Discussion

Roger Halbheer on Security

  • Home
  • Downloads
  • My Photo Gallery
  • Bio and Contact
  • Blogroll
    • Chief Security Advisor Microsoft Finland
    • Chief Security Advisor Microsoft Italy
    • Chief Security Advisor Microsoft Russia
    • Chief Security Advisor Microsoft South Africa
    • Chief Security Advisor Microsoft Switzerland
    • Chief Security Advisor GCR (Chinese)
    • Chief Security Advisor Germany
    • Gerhard Göschl (Microsoft Austria)
    • Microsoft’s Security Blog
    • Trustworthy Computing
    • Microsoft Switzerland Security Blog
    • Shoaib Yousuf
  • Tweetroll
    • Roger Halbheer
    • Henk van Roest
    • Microsoft Security Response
    • Microsoft Digital Crimes Unit
Menu back  
LinkedinRssTwitterXING
Find
Date Name
DescAsc

Security Development Lifecycle – Website!

I often talk about how we learned to engineer security into the products and the results prove that we are on the right track. One of the challenges we always have is how to help the ecosystem to improve as well. One of the ways is to communicate through our website. Not, that this is…

Details
March 8, 2010Leave a commentMicrosoft, Process, Processes, SecurityBy Roger Halbheer

Why it pays to be secure – Chapter 5 – I need tools!

Our EMEA Security Program Manager, Henk van Roest, started this series internally and with his consent I am publishing it here in my blog as I think it contains a lot of great information for you to use. So far, in the first 4 chapters, we have addressed the usual excuses for not Managing Your…

Details
March 7, 2010Leave a commentMicrosoft, Processes, Products, StrategyBy Roger Halbheer

Migrating My Blog

If you are a regular reader of my blog, you might have been surprise today – but yes, it is still my blog 🙂 From time to time I am looking into different ways of doing things. I ran my blog until now on SharePoint 2007 and an extension I found on Codeplex, which is…

Details
March 6, 2010Leave a commentMicrosoftBy Roger Halbheer

When Security Essentials are not Microsoft Security Essentials

It is so old: Software telling you that you are infected and that you have to install this latest security software immediately. You can bet that this then installs malware on your PC instead of cleaning it. We mentioned this problem already in the first chapters of our Security Intelligence Report v7. And it was…

Details
March 1, 2010Leave a commentCybercrime, Incidents, MicrosoftBy Roger Halbheer

The Latest Internet Explorer 0Day

As it happens: I have been skiing last week (the weather was gorgeous) and now I am back (unfortunately) and confronted with the next Internet Explorer 0Day vulnerability, which already causes noise – in my opinion too much for the real technical problem. If you read the blog post of the Microsoft Security Response Center…

Details
March 1, 2010Leave a commentCybercrime, IncidentsBy Roger Halbheer

Making the Management of Security Compliance Easier!

As you all know, I have two main pet themes: Risk Management and Compliance Management as I see very often that there is room for improvement when it comes to such processes within our customers. Internally, we often think about how we can make it easier for our customers to manage compliance in their networks.…

Details
February 18, 20101 CommentProcesses, ProductsBy Roger Halbheer

SANS Top 25 Most Dangerous Programming Errors – the same as very often…

I just worked my way through the list SANS published. Looking at the list it is not surprising but scary to see which errors made it to the top of the list: Cross-site Scripting SQL Injection Classic Buffer Overflow Cross-Site Request Forgery Improper Access Control It shows as we often say that the attacks moved…

Details
February 17, 2010Leave a commentAssociations, General, Incidents, TrendsBy Roger Halbheer

Children – A Threat For Corporate Security?

I read this article this morning: Safer Internet Day: How children can undermine corporate security and it actually reminds me of all the PCs I looked at in my private environment. When I see a heavily infected PC, the parents always keep telling me that the Peer-to-Peer network software on the PC was installed by…

Details
February 10, 2010Leave a commentIncidents, People, TrendsBy Roger Halbheer

Use Music to Fight Cybercrime: 'Maga No Need Pay'

When I travel through Africa, the high piracy rate is often something we address. Not necessarily from a commercial perspective but much more from a security angle. We know that pirated software is often infected with malware and therefore used for criminal activities. However, the discussion is a difficult one as a lot of people…

Details
February 9, 2010Leave a commentGovernment, Strategy, TrendsBy Roger Halbheer

Targeted Attacks -the "Real" Problem

When I talk to customers, the different attacks are often something we discuss (obviously). I often mention that Virus and Worm attacks on a broad scale (like Conficker etc.) are a serious problem but at least one we see, one we understand and one we can fight (because we see and understand it). However, my…

Details
February 5, 2010Leave a commentCrime, Critical Infrastructure Protection, Incidents, TerrorismBy Roger Halbheer

Cloud Security Paper: Looking for Feedback

As most of you as well, I was looking for information and opinions on Cloud Security over the last year. I found a lot of papers but when I talk to our customers I realize that they think about the Cloud but Cloud Security is mainly something for the specialists – which it is not…

Details
January 30, 20102 CommentsCloud ComputingBy Roger Halbheer

Data Protection Day: An Interesting Study

As you might know, it was time for the Data Protection Day in Europe again. Unfortunately I did not find the videos from this year’s competition yet but I guess we will find them later on the page and on YouTube. However, we released a study on Privacy which is pretty interesting. Find the summary…

Details
January 29, 2010Leave a commentEvents/Trainings, Government, Legislation, PrivacyBy Roger Halbheer

IE Vulnerability: Going Out of Band

Just to make sure you have seen that: We just released a blog Security Advisory 979352 – Going out of Band Quoting the blog: Based on our comprehensive monitoring of the threat landscape we continue to see very limited, and in some cases, targeted attacks.  To date, the only successful attacks that we are aware…

Details
January 19, 2010Leave a commentIncidentsBy Roger Halbheer

Update on the Internet Explorer Vulnerability

There was and still is a lot of noise regarding the Internet Explorer vulnerability reported in Microsoft Security Advisory 979352 – including the normal discussion about which browser is most secure. A discussion I do not want to get into here but I think it is necessary to lay out the facts instead of all…

Details
January 18, 2010Leave a commentIncidentsBy Roger Halbheer

Security Advisory on the recent Internet Explorer Vulnerability

I guess you might have seen it by now but if not, please make sure you read and understand the material available: This night we released a Security Advisory on a Vulnerability in Internet Explorer Could Allow Remote Code Execution. The reason for that is that our investigations have shown that this vulnerability was one…

Details
January 15, 2010Leave a commentIncidentsBy Roger Halbheer

Leveraging Data Execution Prevention (DEP)

The recent IE attacks have show again that the current technology built in Windows Vista and Windows 7 could at least help to mitigate the attacks. One of these technologies which could be used more broadly is Data Execution Prevention (DEP). Here is how to switch DEP on (it is fairly well hidden). First, enable…

Details
January 15, 20101 CommentIncidents, ProductsBy Roger Halbheer

HP and Microsoft Partnership: That's What You Need in the Cloud

Often when I talk to our customers and they ask me about the cloud, a lot of questions come up. Most of them are security related (obviously) but some of them are more management focused. For example the question about how to manage a hybrid environment, where part of your business is run on premise,…

Details
January 14, 2010Leave a commentPartner, Products, StrategyBy Roger Halbheer

Un-Google Yourself: Remove your Web Content

A few days ago, I blogged on Tired of Web 2.0? Kill your Online Identities – an automated way to “disappear” from Web 2.0 (actually Facebook has banned the tool since…). Today, I was reading an article called Un-Google Yourself. Trust me, I am not explicitly looking for such approaches but seem to find them…

Details
January 12, 2010Leave a commentPrivacy, TrendsBy Roger Halbheer

Tired of Web 2.0? Kill your Online Identities

No, this is not a joke. If you are tired of all the discussions about Web 2.0, the privacy breaches and the related problems, you can commit Web 2.0 Suicide. There is a Web 2.0 Suicide Machine – but we warned before you do it – this process seems to work and is not reversible.…

Details
January 7, 20101 CommentSocial Media, TrendsBy Roger Halbheer

The "Year-2010"-Problem: Failure of ATM cards!

When the industry prepared for the Year 2000, I was working in a consulting company living good from doing reviews on Y2k-projects. Then the year 2000 came and nothing happened (besides a big party). Then year 2010 came – and the bug actually got hold of us. Initially I thought that I was reading a…

Details
January 6, 2010Leave a commentGeneral, IncidentsBy Roger Halbheer
1
234567891011121314151617181920212223242526
…2728293031…
323334353637383940414243
44
Prev pageNext page
Tag Cloud
Calendar
May 2022
M T W T F S S
 1
2345678
9101112131415
16171819202122
23242526272829
3031  
« Aug    
Privacy & Cookies: This site uses cookies. By continuing to use this website, you agree to their use.
To find out more, including how to control cookies, see here: Cookie Policy
Copyright by Roger Halbheer Dream-Theme — truly premium WordPress themes