Microsoft Switzerland Security Blog

Security informations brought to you by the Swiss Security Team.

Browse by Tags

Related Posts
  • Blog Post: APWG Releases Phishing Activity Trends

    The Anti-Phishing Working Group (APWG) has just released their Phishing Activity Trends Report for the month of December. Overall, the report showed a decrease in activity from the previous month; however, there were a few notable exceptions. It appears the number of unique phishing sites has increased...
  • Blog Post: Microsoft scoops up rootkit finder Komoku

    The start-up's rootkit detection technology will be added into Microsoft's Windows Live OneCare and Forefront security products. http://www.news.com/8301-13860_3-9899808-56.html?part=rss&subj=news&tag=2547-1_3-0-5 Urs
  • Blog Post: Microsoft Freshens Retro Code Lock-Down Tool

    Microsoft has released a new version of a software tool that developers and administrators can use to harden older applications against common vulnerabilities. Short for Enhanced Mitigation Experience Toolkit, EMET version 2.0 brings several new protections to operating systems and applications such...
  • Blog Post: Microsoft out-of-band security bulletin release for IE

    Microsoft has released an out-of-band security bulletin on March 30, 2010. The bulletin is being released to address new attacks against customers of Internet Explorer. Users of Internet Explorer 8 and Windows 7 are not vulnerable to these current attacks. However, the released update contains fixes...
  • Blog Post: A very long list of new Microsoft products for 2008...

    Bink.nu has an extensive list of new software that Microsoft will be unleashing in the marketplace. See yourself: http://blogs.technet.com/tarpara/archive/2007/12/25/microsoft-s-new-year-is-gonna-bring-a-lot-of-change.aspx Urs
  • Blog Post: Microsoft Forefront Integration Kit for Network Access Protection

    The Microsoft Forefront Integration Kit for Network Access Protection provides a way for two Microsoft technologies to work together: Forefront Client Security and Network Access Protection (NAP). Forefront Client Security is comprehensive anti-malware software from Microsoft that provides unified protection...
  • Blog Post: New Method IDs Phishing, Malicious Domains

    At a closed-door security summit hosted on Yahoo’s Sunnyvale campus last week, a researcher demonstrated a new technique to more easily identify phishing and other malicious Websites. Dan Hubbard, vice president of security research for Websense, showed a tool Websense researchers have built that...
  • Blog Post: Minimizing User Rights Can Increase Security

    Taking a least-privilege approach to user accounts is a key part of any in-depth defense strategy, many analysts and security pros say. "I think it's very important … not even just as [a component] of security, but in the broader sense [of] risk posed to the business in IT," said Scott Crawford, an...
  • Blog Post: Europe still top source of spam

    European spam networks have pumped out more unsolicited e-mail than those in the U.S. for the third month in a row, according to security vendor Symantec. Symantec called this a "significant shift" in spam trends as, historically, compromised U.S. computers have been used to send spam, and many spammers...
  • Blog Post: IT security guide: Understanding cyber-risks means knowing what questions to ask

    A good place for senior executives to start in trying to understand their companies' financial exposure to cyberthreats is by getting an overall assessment — not just from IT, but also from business units and corporate operations such as the human resources, legal and public relations departments. ...
  • Blog Post: Conficker's First Birthday Looms - Seven Million IPs Still Infected

    As Conficker approaches the first anniversary of its appearance in the wild, the Shadowserver Foundation says that at least seven million IP addresses — each representing one or more computers — are now infected by the worm. http://www.infosecurity-magazine.com/view/4941/confickers-first-birthday-looms...
  • Blog Post: To defeat a malicious botnet, build a friendly one

    Beating the "botnets"–armies of infected computers used to attack websites–requires borrowing tactics from the bad guys, say computer security researchers. A team at the University of Washington, US, wants to marshal swarms of good computers to neutralize the bad ones. They say their plan would be...
  • Blog Post: New massive Botnet twice the size of Storm

    A new botnet twice the size of Storm has ballooned to an army of over 400,000 bots, including machines in the Fortune 500, according to botnet researchers at Damballa. The so-called Kraken botnet has been spotted in at least 50 Fortune 500 companies and is undetectable in over 80 percent of machines...
  • Blog Post: Web 2.0, meet Internet attack 2.0

    The glitzy, interactive abilities of Web 2.0 have led to a profusion of new applications, but the technology also is bringing a new era of security vulnerabilities, a security researcher warned Wednesday. "Security was a challenge to begin with, but if anything it's getting harder in the Web 2.0 world...
  • Blog Post: Covert channel vulnerabilities in anonymity systems

    Excerpt: The spread of wide-scale Internet surveillance has spurred interest in anonymity systems that protect users’ privacy by restricting unauthorized access to their identity. This requirement can be considered as a flow control policy in the well established field of multilevel secure systems. I...
  • Blog Post: Windows 7 Security Story May Appeal to Enterprises

    The Windows 7 security story has three main chapters that have received a fair amount of attention: DirectAccess, BitLocker To Go, and AppLocker. With these, as well as features such as BranchCache and enhancements to UAC (user account control), officials at Microsoft have said they feel they are pushing...
  • Blog Post: Windows 7 almost five times more secure than XP

    CNET: Windows 7 almost five times more secure than XP Those are the findings of Microsoft's latest Security Intelligence Report, which detailed in depth the state of software vulnerabilities, exploits, security breaches, and malware in 2010. http://news.cnet.com/8301-1009_3-20063220-83.html#ixzz1MXpezMKz...
  • Blog Post: Microsoft Malware Removal Starter Kit (2008-06)

    Many small- and medium-sized organizations use antivirus software, and yet new viruses, worms, and other forms of malicious software (malware) continue to infect large numbers of computers in these Organizations. Malware proliferates at alarming speed and in many different ways, which makes it Particularly...
  • Blog Post: Trojans Dominated Malware Threats in Dec. '08

    Sunbelt Software has released its monthly data dump that charts the most commonly observed malware and spyware threats, and, as has been the case for a good while, trojan attacks continued to lead the way across the Top Ten rankings during Dec. 2008. http://securitywatch.eweek.com/exploits_and_attacks...
  • Blog Post: The Microsoft Security Update Guide

    This guide was designed to help IT professionals better understand and use Microsoft security release information, processes, communications, and tools. Our goal is to help IT professionals manage organizational risk and develop a repeatable, effective deployment mechanism for security updates. http...
  • Blog Post: VBootkit vs. Bitlocker in TPM mode

    "So at HITB in Dubai this week - some researchers announced a proof of concept 'bootkit' for Vista. A bootkit is a rootkit that is able to load from a master boot record and persist in memory all the way through the transition to protected mode and the startup of the OS. It's a very interesting type...
  • Blog Post: Microsoft Security Compliance Manager released

    The Security Compliance Manager will help you accelerate knowledge to merge best practices, customize once to centralize decision making, and export to multiple formats to enable monitoring, verification, and compliance. The tool is designed to help accelerate your organization’s ability to efficiently...
  • Blog Post: Anatomy of a SQL Injection Incident

    Blog Posting from Neil Carpenter: "A number of people are reporting that 10K+ Web sites have been hacked via a SQL injection attack that injected a link to a malicious .js file into text fields in their database. Since the CSS Security team here at Microsoft worked with several of these incidents...
  • Blog Post: THE CABLE GUY: Network Policy Server

    Nothing’s more critical to the health of your enterprise than a secure network, and Network Policy Server (NPS), new in Windows Server 2008, is an important tool for managing access. It lets you implement organization-wide policies, providing centralized authentication, authorization, and accounting...
  • Blog Post: Beta release of Microsoft Windows Live OneCare 2.5

    A beta release of Windows Live OneCare 2.5, Microsoft's automated security suite for home users and small businesses, is available for testing from the Microsoft Connect Web site. Microsoft stated through its blog that there is little apparent difference between the beta and standard versions. http...