2007 Microsoft Office Suite – Service Pack 2 released
Just a quick one. We released SP2 for Office 2007. You can download it here.
Roger
RSA Keynote by Scott Charney, VP Trustworthy Computing
Scott held a keynote during RSA this week. Here you find the webcast (it is about 30 minutes) – definitely worth looking at:
Roger
Finjan reports world's largest Botnet
I guess you have read it in the meantime: There are a lot of reports out there, that Finjan found a Botnet affecting 1.9 Million computers. This is really bad – obviously. The press now started to cover this and I think we are already losing a little bit of focus in the discussion. I…
DetailsThe Impact of the Downturn (part 2)
Just a brief one: I wrote an article for Infosecurity which was just published in the latest version covering the economic downturn as well. It is called Time to Step Up and can be found on page 45 of the latest edition.
Roger
The Impact of the Downturn on Security
This is a question I often get asked: What is the impact of the economic downturn on security? I am convinced that three things will happen: Cybercrime will grow Security budgets will shrink – it is just open whether the budgets will shrink at the same pace as IT budgets or faster but I am…
DetailsSchedule update on Forefront
You know that I am a big fan of what we are going to deliver with our Forefront Suite in the next version code-named Stirling. You probably heard me talking about compliance (where, from a technical perspective Forefront can play an integral part) and what I call the best of need integrated platform – where…
DetailsUpdate on Conficker Variants
Over the last few day we have seen a lot of coverage about new Conficker variants. Let me give you a very brief update. But before I start, let me make sure that we are clear on one thing. In the area of security, we often see coverage about somebody who heard something from the…
DetailsSecurity Intelligence Report: "Scareware" on the Raise
You know that we release our Security Intelligence Report twice an year: Today Version 6 is due. Let me try to give you an overview of the “highlights†of the report from my point of view: As I wrote in the title and as I blogged about this summer („Scareware“ on the Raise) one if…
DetailsSecurity Updates on Automatic Update
I basically like the blogosphere. It is a way to express an opinion without having to worry (too much) about censorship. The disadvantage is that there are people who present things as “factsâ€, which are simply wrong. This happened Thursday on ZDNet. I stumbled across an article called It’s time for Microsoft to supply ALL…
DetailsConficker – Are you infected?
I just found this pretty clever website which bases its statement with regards to your possible Conficker infection on the information whether you are able to access certain websites:
http://www.joestewart.org/cfeyechart.html
Pretty clever
Roger
9 Cameroonians Arrested for Fraud
Since quite a while, when I am talking to government officials (and the private sector) I am asking for new ways of collaboration between Law Enforcement and the industry in order to fight cybercrime. We are already seeing big progress when it comes to training where the different bodies came closer together. However, there is…
DetailsConficker.D and April 1st
Will the Internet world end on April 1st? This is at least the impression I got from reading the press in the last couple of days. It seems that some story spun off and started to develop a life of its own. What is really going to happen on April 1st? I quote the blog…
DetailsPatch Management – Cover the whole 9 yards
I pretty often have discussions about Patch Management with our customers. I think it is a very important discussion as I see too many customers not patching at all. However, taking the shining examples – they often look at the Microsoft product suite “onlyâ€. You might remember that I blogged about my experience with this…
DetailsWhat happens with Conficker on April 1st?
I would love to know… You probably saw a lot of blog posts recently about “Conficker to strike back on April 1st†or similar. If you are interested in what is know about Conficker and April 1st, read our encyclopedia entry on Conficker.D and you should choose the “Analysis†tab there, which gives you the…
DetailsTime Sync on Virtual DCs
I was recently caught in a tricky problem: The clock of one of my host servers ran out of sync.. – significantly. The core problem was that my Mediacenter (which is domain integrated) started to record about 6-8 minutes too late but this is not the reason why I post. The actual reason was that…
DetailsYou deployed MS09-008 – are you now protected?
You might have seen several reports that MS09-008 does not protect you from the vulnerabilities. We reviewed these claims and customers who have deployed MS09-008 are protected from the four vulnerabilities. If you want to have the details, you should consult our Security Research & Defense Blog, where we posted MS09-008: DNS and WINS Server…
DetailsDeploying PKI
Recently I decided to spend some time to implement some new technologies in my environment at home. The environment itself is a mixture between test and production. If you are reading this post on www.halbheer.info/security, you are already accessing this environment. So, I host my web server, mail server etc. there, all our private mails…
DetailsOctopus Conference on Cybercrime
Well, it is actually not “on Cybercrime†but on “Cooperation against Cybercrime†Today and tomorrow this conference takes place at the Council of Europe in Strasburg. The Council of Europe developed a convention on cybercrime, which is actually very good and helps to harmonize legislation. Unfortunately the convention is not yet ratified in a lot…
DetailsMozilla Patches Fastest. NOT!
I only believe the statistics I forged myself So, once more, there is a debate on which browser is the most secure, who fixed which vulnerabilities how fast. The Secunia Report 2008 was just published and it seems that this injects once more the fire about browser security. Out Jeff Jones just posted at CIO.com…
Details