The DigiNotar Story–So Far
I just read an article on SANS: DigiNotar breach – the story so far. To be clear: This is not a Microsoft analysis nor any official statement from us. What we have to say is in the advisory: Microsoft...
View ArticleUpdate on DigiNotar
And interesting development tonight: Based on what happened with DigiNotar recently (especially with the false certificates for *.google.com), the Dutch government decided to have an official statement...
View ArticleVeriSign to Take Down Malware Sites?
This is actually an interesting approach: VeriSign Proposes Takedown Procedures and Malware Scanning for .Com. This leads to the discussion I have so often: What is more important? The single website...
View ArticleUsing the Microsoft Diagnostics and Recovery Toolset (DaRT) for Incident...
A few years ago I posted on DaRT after having seen it: Microsoft Diagnostics and Recovery Toolset. It is a really good an interesting tool for a lot of problems, one of them being incident response. I...
View ArticleClik here to view.
EMET–Protection Against Zero-Days
The Enhanced Mitigation Experience Toolkit is definitely not new but I recently realized that not too many people know about it – and they should. EMET helps you to raise your shields against...
View ArticleClik here to view.
10 Years of Trustworthy Computing at Microsoft
Before joining Microsoft a little bit more than 10 years ago, I ran a team at PricewarehoureCoopers on e-Business Risk Management – classical security consulting in the Internet bubble time. When I...
View ArticleSecurity Updates and Exploit Code
CORRECTION:So far there is “only” Proof of Concept code in the wild, no real exploit. In our last update cycle we published the security bulletin MS12-020 Vulnerabilities in Remote Desktop Could Allow...
View ArticleKeep all your software updated and current
I know that I keep going and going on that. When I talk to customers and mainly to providers of the critical infrastructure about security, one of the key things to me is to keep the software updated....
View ArticleLaptop lost with data for more than 2,000 patients, Boston Children’s reports
What about using Bitlocker???? Laptop lost with data for more than 2,000 patients, Boston Children’s reports One such incident probably pays your Windows 7 migration project – no? Roger
View ArticleBanking Trojan hits banks globally
When I was talking to governments about Flame a few weeks ago, they typically told me that they do not see a lot but that they are heavily concerned about SpyEye and other banking trojans. It is now...
View Article
