Microsoft Switzerland Security Blog

Security informations brought to you by the Swiss Security Team.

Browse by Tags

Related Posts
  • Blog Post: Fewer patches != safer OS

    Does one OS having fewer security patches than another operating system mean that the OS with the fewer patches is the safest OS? You know, I’m not sold on that concept. As we near the first anniversary of the consumer launch of Windows Vista we’ll be seeing pundits all over the media taking a look back...
  • Blog Post: Protecting your computer while travelling

    Protecting computer equipment is something that everyone should be concerned with today. It seems every week there is a news report of another stolen laptop with sensitive or confidential data on it. Here is a checklist that will help you prepare and protect your computer equipment while traveling anywhere...
  • Blog Post: A very long list of new Microsoft products for 2008...

    Bink.nu has an extensive list of new software that Microsoft will be unleashing in the marketplace. See yourself: http://blogs.technet.com/tarpara/archive/2007/12/25/microsoft-s-new-year-is-gonna-bring-a-lot-of-change.aspx Urs
  • Blog Post: Open-source projects certified as secure – huh?

    From the Blog of Michael Howard: I really got a chuckle out of this news item, especially this line: “Coverity, which creates automated source-code analysis tools, announced late Monday its first list of open-source projects that have been certified as free of security defects.” So we finally have...
  • Blog Post: German Police Creating LE Trojan

    German cops are pushing ahead with controversial plans, yet to be legally approved, to develop "remote forensic software" - in other words, a law enforcement Trojan. Leaked documents outline proposals by German firm Digitask to develop software to intercept Skype VoIP communications and SSL transmissions...
  • Blog Post: Minimizing User Rights Can Increase Security

    Taking a least-privilege approach to user accounts is a key part of any in-depth defense strategy, many analysts and security pros say. "I think it's very important … not even just as [a component] of security, but in the broader sense [of] risk posed to the business in IT," said Scott Crawford, an...
  • Blog Post: Windows Server 2008 Security Guide - Beta release now available

    Every day, adversaries are attempting to invade our networks and access our servers, to bring them down, infect them with viruses, or steal information about customers, partners or employees. You are looking at Microsoft Windows Server 2008 to help to address these threats? To assist you in taking full...
  • Blog Post: Identity management critical for security, government IT shops say

    A majority of government IT organizations say identity management is very important to securing their networks and will become even more so over the next five years, but that funding to keep pace is a major impediment to growth. The respondents also said they think identity management is relevant...
  • Blog Post: Protecting Against Terrorism [PDF]

    Centre for the Protection of National Infrastructure: This publication offers security advice and good practice for any organisation looking to protect against the risk of a terrorist act or limit the damage such an incident could cause. It sets out how a security plan might be developed and updated...
  • Blog Post: Application Lockdown with Software Restriction Policies

    When IT professionals look to reduce the total cost of ownership, or TCO, of their desktop machines, there are two key strategies that often come to mind. The first one is to get your desktop users' accounts out of the Administrators group. And the second one is to limit the applications that the users...
  • Blog Post: Ninety-five percent of e-mails sent in 2007 are junk

    Barracuda Networks released its annual spam report, which shows between 90 to 95 percent of all e-mail sent in 2007 is spam. This is based on an analysis of more than 1 billion daily e-mail messages sent to its more than 50,000 customers worldwide. The above figures represent an increase from the...
  • Blog Post: A strong Password isn’t the strongest Security

    Make your password strong, with a unique jumble of letters, numbers and punctuation marks. But memorize it — never write it down. And, oh yes, change it every few months... Yes, that's it? Or not? "Keeping a keylogger off your machine is about a trillion times more important than the strength...
  • Blog Post: Microsoft Security Assessment Tool (MSAT) Version 3.5 released

    Microsoft has released the Microsoft Security Assessment Tool (MSAT) Version 3.5 is released on the Microsoft Download Center. http://www.microsoft.com/downloads/details.aspx?FamilyId=6D79DF9C-C6D1-4E8F-8000-0BE72B430212&displaylang=en . MSAT is targeted for small to mid-sized companies to help...
  • Blog Post: Ballmer Outlines Vision For Next Computing Revolution

    The rise of PCs, graphical user interfaces, the Internet, and Web 2.0 technologies have obviously had major impacts on the IT industry, but according to Microsoft (NSDQ:MSFT) CEO Steve Ballmer, the computing revolution that's about to take place will tie up all the loose ends from previous ones. In...
  • Blog Post: Cyber-Attacks and Cyber-Disasters: Are You Prepared?

    Have you seen the recent television commercial that shows the Pentagon and says, "This building gets attacked 3 million times a day." The sad news is that it's true. Cyber-warfare and cyber-attacks have now become a reality. Ever consider how your business would be impacted if the Internet went away...
  • Blog Post: Microsoft Security Compliance Manager released

    The Security Compliance Manager will help you accelerate knowledge to merge best practices, customize once to centralize decision making, and export to multiple formats to enable monitoring, verification, and compliance. The tool is designed to help accelerate your organization’s ability to efficiently...
  • Blog Post: ITU study group Q.22/1 - Report on best practices for a national approach to cybersecurity

    A management framework for organizing national cybersecurity efforts: http://www.itu.int/ITU-D/cyb/cybersecurity/docs/itu-draft-cybersecurity-framework.pdf Urs
  • Blog Post: THE CABLE GUY: Network Policy Server

    Nothing’s more critical to the health of your enterprise than a secure network, and Network Policy Server (NPS), new in Windows Server 2008, is an important tool for managing access. It lets you implement organization-wide policies, providing centralized authentication, authorization, and accounting...
  • Blog Post: One-fifth of Windows apps go unpatched

    Updates are available, but users haven't installed them, says Secunia. One in five applications installed on Windows PCs are missing security patches, a Copenhagen-based vulnerability tracker has reported. http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9054502&source...
  • Blog Post: Virtualization: What are the security risks?

    Virtualization will become dominant in enterprises, but the security risks are fuzzy at best. Meanwhile, the usual defense–firewalls, security appliances and such aren’t ready for virtualization. http://blogs.zdnet.com/security/?p=821 Urs
  • Blog Post: Enterprise@Risk: 2007 Privacy & Data Protection Survey

    Reportable and multiple privacy breaches rising at alarming rate! Personally identifiable information of customers and employees is being exposed – frequently and repeatedly – potentially putting hundreds of thousands of individuals at risk and exposing organizations to increased liability, according...
  • Blog Post: Infosec/Microsoft: Security community must work together

    Microsoft has called on companies to work together to improve overall security, and not just rely on the police to do it for them. Ed Gibson, Microsoft's chief security advisor in the UK, said during his keynote at Infosecurity Europe 2008 that security affects the entire industry and that companies...
  • Blog Post: The Phishing Guide: Understanding and Preventing Phishing Attacks

    This paper [PDF] covers the technologies and security flaws phishers exploit to conduct their attacks, and provides detailed vendor-neutral advice on what organisations can do to prevent future attacks. Security professionals and customers can use this comprehensive analysis to arm themselves against...
  • Blog Post: The Great Debate: Security by Obscurity

    Security by obscurity is, in a nutshell, a violation of Kerckhoffs' Principle, which holds that a system should be secure because of its design, not because the design is unknown to an adversary. The basic premise of Kerckhoffs' Principle is that secrets don't remain secret for very long. Debate by...
  • Blog Post: So Much Data, So Little Encryption

    If you go solely by top-level stats on encryption use, you'll come away feeling pretty secure — 86 percent of the 499 business technology professionals responding to our InformationWeek Analytics State of Encryption Survey employ encryption of some type. But that finding doesn't begin to tell the real...