|
||||||
Consumerization of IT–How to address thisBring Your Own Device or Consumerization of IT are fairly hot themes in a lot of customer organizations. When I talk to customers, there are typically different reactions, once we bring this up. Some tell us, that it is not part of their strategy; some tell us that they plan to do it but that they have a hard time figuring out, how to secure such an environment; very, very ... 
10 Years of Trustworthy Computing at MicrosoftBefore joining Microsoft a little bit more than 10 years ago, I ran a team at PricewarehoureCoopers on e-Business Risk Management – classical security consulting in the Internet bubble time. When I announced that I will leave PwC and join Microsoft, I got interesting reactions (and remember, this was 2001). Mainly they were along two lines: Oh, you are joining a desktop company? ... 
10 Reasons to migrate off Windows XPI would like you to sit back, close your eyes and think about the year 2001. Think about how you used technology back then, how you used the Internet. Now, let’s take it a little bit further back in history and think of the year 2000. Just after we realized that the Year-2000-Problem was handled very well by the industry. How you used technology, how you used the Internet, the ... 
Office 365 Becomes First and Only Major Cloud Productivity Service to Comply With Leading EU and U.S. Standards for Data Protection and SecurityA long title but this was the title of the official press statement yesterday. Compliance is always a key question in the public cloud space. Therefore it is very important for us that we now achieved three things: Office 365 is compliant with EU Model Clauses, Data Processing Agreements and ISO 27001 among other standards. Office 365 is the first and only major ... 
It seems that RSA got attacked and might have lost some information. They actually took a really courageous step and went public and the Executive Chairman wrote an open letter. To quote: While at this time we are confident that the information extracted does not enable a successful direct attack on any of our RSA . . . → Read More: Effectiveness of SecureID reduced? FTC released their Consumer Sentinel Network Data Book for January – December 2010. The interesting and scary thing is that fraud via phone is on the raise. We get more and more complaints by customers as well, telling us that they got a call from “Microsoft” with the ask for getting access to the PC . . . → Read More: Fraud via Phone on the Raise Botnets are one of the toughest problems in the world of Cybercrime today. At least, this is what we think… ENISA just published an interesting paper called Botnets: 10 Tough Questions, which raise questions about e.g. the size of botnets or better the way the size is estimated etc. Basically the 10 questions are: HOW . . . → Read More: 10 Tough Botnet Questions A fairly interesting thriller on the Internet. It just shows that we need better ways to collaborate between private and public sector and to hunt criminals: How one man tracked down Anonymous—and paid a heavy price Scary… Roger That’s obvious as people probably tend to want to trust more, the worse their situation is. Nevertheless it is even more disgusting going after the desperate! Cybercrime: A Recession-Proof Growth Industry Roger I just read this blog post by ESET laboratories: Inside a phishing attack: 35 credit cards in 5 hours. They analyzed a very poorly designed phishing attack and found that: The first access to the site was on January 20 at 10:01 pm (as seen in picture). The latest registered access was on the same . . . → Read More: Phishing still very effective: 35 cards in 5 hours I blogged about my attendence at the above mentioned UNODC meeting. This is a short summary on how I preceived the meeting. . . . → Read More: Conclusion on UNODC: Open Ended Expert Group on Cybercrime As attacks are moving up the stack, PDF becomes the number 1 exploited file type. Make sure you patch all your applications . . . → Read More: Attacks on Application Level From tomorrow on, UNDOC invited for an Open Ended Expert Group on Cybercrime in Vienna. I am really interested in seeing hoe these discussions will go. If – by any chance – you are there as well, please ping me and we will have a chat. Otherwise, I will see what I can blog about. . . . → Read More: UNODC: Open Ended Expert Group on Cybercrime It is not really surprising that the criminals will leverage the economy of Cloud Computing for their illegal purposes. Especially activities, which consume a lot of processor power will be moved to the Cloud – like any other business. Some way back, there were discussions on how to leverage GPUs to crack passwords: Graphics Cards . . . → Read More: Cybercrime as a Service–Our Future? |
|
|||||
|
Copyright © 2012 Roger Halbheer on Security - All Rights Reserved Powered by WordPress & Atahualpa |
||||||
