This is pretty remarkable from my point of view: In 2005 our Forensic team together with our Investigators obtained the identification and arrest of M. Jean-Charles S. for the illegal distribution of a hacking tutorial against MSN Hotmail and MSN Messenger users. On June 12, 2008 the Tribunal Correctionnel (criminal court in France) sentenced this…Details
Yesterday we all had a very long day: We hosted the EU Cybersecurity and Digital Crimes Forum in Brussels. At lot of government elites from all across Europe attended and were part of very intense discussions. It was obvious that people really are serious about cyber-whatever and that actions are being taken. I think that…Details
We had a very interesting event this week with PwC in our new pop-up store at the Paradeplatz in Zurich. PwC showed from their perspective what it takes to move to the cloud and how the auditor looks at the compliance challenges in the cloud. If is good to see as well how the industry…Details
This is a nice feature â€“ on this page http://www.microsoft.com/windowsazure/support/status/servicedashboard.aspx we show the current state of our Azure services. This is the kind of transparency (on the operationsâ€™ side) we need. There is much more needed with regards to process transparency but this is a great first step
When I talk to customers, the different attacks are often something we discuss (obviously). I often mention that Virus and Worm attacks on a broad scale (like Conficker etc.) are a serious problem but at least one we see, one we understand and one we can fight (because we see and understand it). However, my…Details
Trustworthy Computing in partnership with Microsoft IT, Microsoft Consulting and the product groups just released a series of videos on targeted attacked and how to defend.
I would definitely urge you to listen to them and make sure you implement the countermeasures: Targeted Attacks Video Series
Since quite a while, I am saying that targeted attacks are the risks, which really keep me up at night.
BBC just posted a similar article: Cyber-sabotage and espionage top 2011 security fears
I think that this is a real issue and very hard to fight!
One of the questions I often get is my position on Cyber-Terrorism. I doubt that there will be â€œisolatedâ€ technology-related terrorism. What we see much more is the use of high-tech during classical terrorism attacks. If you look at the recent terrorism events in Mumbai, there was some pretty interesting background on it: In order…Details
You might have known the 10 Immutable Laws Of Security since quite a while. It is kind of the â€œcollected non-technical wisdomâ€ of what we see in security respeonse being it in Microsoft Security Response Center or in our Security Product Support. There is now a version 2, which is still as important as version…Details
I am running Microsoft Security Essentials (called â€œMorroâ€) since quite a while on my Mediacenter and I am definitely convinced of it. So, go ahead and test it: http://www.microsoft.com/security_essentials/resources.aspx â€“ it will be our free Anti-Malware solution
Quite a while ago, I blogged on Virtual Labs, an offering we are making to you to get your hands dirty with our products and give you the opportunity to work with different hands-on labs. There is the VirtualLabs offering, containing MSDN and TechNet labs. The idea behind them is: It’s simple: no complex setup…Details
On different social media this article actually gets tremendous coverage: KHOBE â€“ 8.0 earthquake for Windows desktop security software. Now, before you read the rest here, I am not an AV-specialist nor do I have very deep, deep knowledge on the details of our file system drivers and the Windows kernel. I just try to…Details
When the industry prepared for the Year 2000, I was working in a consulting company living good from doing reviews on Y2k-projects. Then the year 2000 came and nothing happened (besides a big party). Then year 2010 came â€“ and the bug actually got hold of us. Initially I thought that I was reading a…Details
I guess you read it as it was pretty wide-spread in the press in the last few days: On the Insecurity of Microsoft’s Identity Metasystem CardSpace. Well, is there any official Microsoft reaction to it? No, not yet and if you look a little bit more in depth into it, I doubt that there will…Details
Maybe Heartbleed has the positive side-effect that users think about using different passwords for different sites (and then a password manager?) or websites start to think about using two-factor authentication? The downside typically is, that these effects tend not to last all too longâ€¦ or how far did Snowden really change people’s behavior? Heartbleed’s silver…Details
A lot has been written about the incident at the US retailer “Target”. It is always interesting how easy such incidents happen â€“ without really blaming Target in this case. It seems that a virus infected their payment terminals and read the magnetic stripe of the Credit Card including the name of the owner â€“…Details
The development in Africa especially with the new broadband services to me is a huge chance for the whole continent. I just found this map on the next two years: source: IntelFusion Even though I have not been in Africa over the last few months, I heard that in different cities fiber is brought directly…Details
Well, this is not what I am claiming to haveâ€¦. This is what I am looking for. At the moment, I am monitoring/reading the following security-related blogs (sorted alphabetically): Microsoft BitLockerâ„¢ Drive Encryption Team Blog Chief Security Advisor Finland (in Finish) Chief Security Advisor Italy (in Italian) Chief Security Advisor Switzerland (in English) Chief Security…Details
An interesting analysis by the Malware Protection Center: