Roger's Security Blog

As Chief Security Advisor of Microsoft EMEA - lets share interesting security information
Options
Search Blogs
Tags
Archive
Archives

Roger's Security Blog

TechNet Blogs » Roger's Security Blog
Sort by: Most Recent | Most Views | Most Comments
Excerpt View | Full Post View

  • Office 365 Single Sign-On with AD FS 2.0 whitepaper

    Posted over 2 years ago
    by rhalbheer}
    Sorry, I did not blog for quite a while. When looking at the Cloud, one of the key challenges to address - in my opinion - is how to manage the identity of the different users. If you have to add an additional identity to all the logons you already have...

  • Internet Explorer aces security test as Google faces accusations

    Posted over 2 years ago
    by rhalbheer}
    I mean, I obviously like this article: Internet Explorer aces security test as Google faces accusations as it has a nice quote to start with: Internet Explorer 9 should be the go-to browser for organizations concerned about protecting machines from malicious...

  • Windows 8 Consumer Preview

    Posted over 2 years ago
    by rhalbheer}
    Just got the date confirmed: The Windows 8 Consumer Preview will be available on February 29th. I am looking forward to this next exciting step toward the final version!! Stay tuned!

  • 10 Years of Trustworthy Computing at Microsoft

    Posted over 3 years ago
    by rhalbheer}
    Before joining Microsoft a little bit more than 10 years ago, I ran a team at PricewarehoureCoopers on e-Business Risk Management – classical security consulting in the Internet bubble time. When I announced that I will leave PwC and join Microsoft...

  • 10 Reasons to migrate off Windows XP

    Posted over 3 years ago
    by rhalbheer}
    I would like you to sit back, close your eyes and think about the year 2001. Think about how you used technology back then, how you used the Internet. Now, let’s take it a little bit further back in history and think of the year 2000. Just after we realized...

  • Office 365 Becomes First and Only Major Cloud Productivity Service to Comply With Leading EU and U.S. Standards for Data Protection and Security

    Posted over 3 years ago
    by rhalbheer}
    A long title but this was the title of the official press statement yesterday. Compliance is always a key question in the public cloud space. Therefore it is very important for us that we now achieved three things: Office 365 is compliant with EU Model...

  • Implementing the Top 4 Defense Strategies

    Posted over 3 years ago
    by rhalbheer}
    The Australian Defense Signals Directorate maintains a list of the Top 35 Mitigation Strategies against targeted intrusions. This is just a reference to the top strategies: Patch Applications Patch the Operating System Minimize the use of local admin...

  • Council of Europe Octopus Conference- Some Thoughts

    Posted over 3 years ago
    by rhalbheer}
    l am still sitting in the parliament room of the Council of Europe at the celebration event for the Budapest Convention. It was another very good event advancing the challenges fighting Cybercrime. Let me try to summarize a few thoughts: The Budapest...

  • Cooperation against Cybercrime- Octopus Conference

    Posted over 3 years ago
    by rhalbheer}
    lt is time again! The Council of Europe Octopus Conference on Cooperation against Cybercrime is taking place this week. This year it is even the 10th anniversary of the Budapest Convention. Therefore a broad country of legal, law enforcement and private...

  • Cyber War Will Not Take Place

    Posted over 3 years ago
    by rhalbheer}
    I have to admit – it is not my title but it caught my attention. Over the course of the last few years, the term “Cyberwar” came up all over the place. I was recently reading a book on it, where there was a chapter called “Definition of Cyberwar” and...

  • How to manage “Bring your own device”

    Posted over 3 years ago
    by rhalbheer}
    A few years back a customer’s CSO left the room when I said that this customer should start thinking about a scenario, where selected users bring their own devices – he called me “nuts”. Well, I think the smartphone area proofed me right. Basically the...

  • Finally I have the app: TouchMountain–a “must have” (at least for me)

    Posted over 3 years ago
    by rhalbheer}
    As I said in one of my recent posts Comparing Windows Phone 7 and iPhone , there are very few apps I am (and now was) missing on my Windows Phone 7 compared to what I know of the iPhone Apps. Actually the one which I was really missing was something like...

  • Connecting with your Windows Phone 7

    Posted over 3 years ago
    by rhalbheer}
    I tried to convince my wife that using the Windows Phone 7 to keep track of the shopping to do is a cool idea. Well, she is not there (yet). And now I saw the latest commercial… Probably I should convince my kids, not my wife Roger

  • Cybersecurity–More than a good headline

    Posted over 3 years ago
    by rhalbheer}
    A lot of governments all across the globe are working on starting, restarting or pushing their Cybersecurity initiative. What often concerns me is, that the last real headline has more impact on the strategy and the themes to be addressed than a structure...

  • Microsoft Security Compliance Manager 2 ready for download

    Posted over 3 years ago
    by rhalbheer}
    If you are a regular reader of my blog, you should know the Security Compliance Manager (if you are not, you should become a regular reader of my blog ). Version 2 of the Microsoft Security Compliance Manager (SCM 2) is now available for download. If...

  • EMET–Protection Against Zero-Days

    Posted over 3 years ago
    by rhalbheer}
    The Enhanced Mitigation Experience Toolkit  is definitely not new but I recently realized that not too many people know about it – and they should. EMET helps you to raise your shields against zero-days and any exploit in the wild. I do not say that...

  • Moving from Linux to Windows

    Posted over 3 years ago
    by rhalbheer}
    I know, that’s the second time now I am doing this comparison thingy and I promise that I will stop again and deliver you a cool tool as the next post but I read this article: Why I’ve finally had it with my Linux server and I’m moving back to Windows...

  • Comparing Windows Phone 7 and iPhone

    Posted over 3 years ago
    by rhalbheer}
    Well, I have to admit – I am biased. I never used an iPhone in my life and based on my experience with my iPod, I hope I never have to, but who knows. I really do not like the UI which – to me – is everything but user friendly and the worst thing with...

  • Another Cyberwarfare School–better keep them employed!

    Posted over 3 years ago
    by rhalbheer}
    A lot of countries are currently looking at their capabilities to defend their networks as well as leveraging technology for offense doing “Cyberwarfare”. Let’s now not debate where this starts or ends… Pakistan is another example: Pakistan to open cyber...

  • Using the Microsoft Diagnostics and Recovery Toolset (DaRT) for Incident Response

    Posted over 3 years ago
    by rhalbheer}
    A few years ago I posted on DaRT after having seen it: Microsoft Diagnostics and Recovery Toolset . It is a really good an interesting tool for a lot of problems, one of them being incident response. I just stumbled across one article describing this...

  • VeriSign to Take Down Malware Sites?

    Posted over 3 years ago
    by rhalbheer}
    This is actually an interesting approach: VeriSign Proposes Takedown Procedures and Malware Scanning for .Com . This leads to the discussion I have so often: What is more important? The single website or the greater good? Now, do not get me wrong: I see...

  • German’s Government-Created Trojan Vulnerable

    Posted over 3 years ago
    by rhalbheer}
    It is not that rare for Law Enforcement that they use software to spy in the case of severe accusations like terrorism. What is kind of surprising is the level of sophistication some of these Trojans seem to have – and not necessarily to the good side...

  • Why Patents are not here to be violated: Google’s challenges with Android

    Posted over 3 years ago
    by rhalbheer}
    Interesting: Microsoft takes the Android profit, the Wonkas take the pain I quote: Yet Android costs Google billions, without drawing revenue. Microsoft is making half a billion a year from Android. The settlement with Oracle, when it eventually comes...

  • Hackers using QR Codes to Push Malware

    Posted over 3 years ago
    by rhalbheer}
    Always something new… As these kinds of codes are mainly used on mobile phones (or only used on mobile phones) the malware actually addresses smartphones “only” – in this case Android: Hackers using QR codes to push Android malware . If you use a code...

  • Less Spam? Another Successful Botnet Takedown!

    Posted over 3 years ago
    by rhalbheer}
    Our Digital Crimes Unit just took down another one: After Rustock and Waladec, now comes Kelihos. This is another great success in fighting criminals. If you want to read more: Microsoft Neutralizes Kelihos Botnet, Names Defendant in Case Roger