Consumerization of IT–How to address this
Bring Your Own Device or Consumerization of IT are fairly hot themes in a lot of customer organizations. When I talk to customers, there are typically different reactions, once we bring this up. Some tell us, that it is not part of their strategy; some tell us that they plan to do it but that they have a hard time figuring out, how to secure such an environment; very, very ...
10 Years of Trustworthy Computing at Microsoft
Before joining Microsoft a little bit more than 10 years ago, I ran a team at PricewarehoureCoopers on e-Business Risk Management – classical security consulting in the Internet bubble time. When I announced that I will leave PwC and join Microsoft, I got interesting reactions (and remember, this was 2001). Mainly they were along two lines: Oh, you are joining a desktop company? ...
10 Reasons to migrate off Windows XP
I would like you to sit back, close your eyes and think about the year 2001. Think about how you used technology back then, how you used the Internet. Now, let’s take it a little bit further back in history and think of the year 2000. Just after we realized that the Year-2000-Problem was handled very well by the industry. How you used technology, how you used the Internet, the ...
Office 365 Becomes First and Only Major Cloud Productivity Service to Comply With Leading EU and U.S. Standards for Data Protection and Security
A long title but this was the title of the official press statement yesterday. Compliance is always a key question in the public cloud space. Therefore it is very important for us that we now achieved three things: Office 365 is compliant with EU Model Clauses, Data Processing Agreements and ISO 27001 among other standards. Office 365 is the first and only major ...
By Roger Halbheer, on March 18th, 2011% It seems that RSA got attacked and might have lost some information. They actually took a really courageous step and went public and the Executive Chairman wrote an open letter. To quote:
While at this time we are confident that the information extracted does not enable a successful direct attack on any of our RSA . . . → Read More: Effectiveness of SecureID reduced?
By Roger Halbheer, on March 10th, 2011% FTC released their Consumer Sentinel Network Data Book for January – December 2010. The interesting and scary thing is that fraud via phone is on the raise. We get more and more complaints by customers as well, telling us that they got a call from “Microsoft” with the ask for getting access to the PC . . . → Read More: Fraud via Phone on the Raise
By Roger Halbheer, on March 8th, 2011% Botnets are one of the toughest problems in the world of Cybercrime today. At least, this is what we think… ENISA just published an interesting paper called Botnets: 10 Tough Questions, which raise questions about e.g. the size of botnets or better the way the size is estimated etc. Basically the 10 questions are:
HOW . . . → Read More: 10 Tough Botnet Questions
By Roger Halbheer, on February 10th, 2011% A fairly interesting thriller on the Internet. It just shows that we need better ways to collaborate between private and public sector and to hunt criminals: How one man tracked down Anonymous—and paid a heavy price
Scary…
Roger
By Roger Halbheer, on February 9th, 2011% That’s obvious as people probably tend to want to trust more, the worse their situation is. Nevertheless it is even more disgusting going after the desperate!
Cybercrime: A Recession-Proof Growth Industry
Roger
By Roger Halbheer, on January 27th, 2011% I just read this blog post by ESET laboratories: Inside a phishing attack: 35 credit cards in 5 hours.
They analyzed a very poorly designed phishing attack and found that:
The first access to the site was on January 20 at 10:01 pm (as seen in picture). The latest registered access was on the same . . . → Read More: Phishing still very effective: 35 cards in 5 hours
By Roger Halbheer, on January 20th, 2011% I blogged about my attendence at the above mentioned UNODC meeting. This is a short summary on how I preceived the meeting. . . . → Read More: Conclusion on UNODC: Open Ended Expert Group on Cybercrime
By Roger Halbheer, on January 18th, 2011% As attacks are moving up the stack, PDF becomes the number 1 exploited file type. Make sure you patch all your applications . . . → Read More: Attacks on Application Level
By Roger Halbheer, on January 16th, 2011% From tomorrow on, UNDOC invited for an Open Ended Expert Group on Cybercrime in Vienna. I am really interested in seeing hoe these discussions will go. If – by any chance – you are there as well, please ping me and we will have a chat.
Otherwise, I will see what I can blog about. . . . → Read More: UNODC: Open Ended Expert Group on Cybercrime
By Roger Halbheer, on January 12th, 2011% It is not really surprising that the criminals will leverage the economy of Cloud Computing for their illegal purposes. Especially activities, which consume a lot of processor power will be moved to the Cloud – like any other business.
Some way back, there were discussions on how to leverage GPUs to crack passwords: Graphics Cards . . . → Read More: Cybercrime as a Service–Our Future?
|
|
|