Roger's Security Blog

As Chief Security Advisor of Microsoft EMEA - let's share interesting security information

Related Posts
  • Blog Post: „Scareware“ on the Raise

    We have regular ConfCalls with our security support to exchange trends and issues we see. During the last one we had an interesting discussion I would like to share with you: We seem to get a hell lot of calls mainly from the consumer segment with Virus/Trojan/Spyware infections. The way they get the...
  • Blog Post: Scam Awareness Month in the UK

    I guess you know Get Safe Online in the meantime. They are publishing a lot of good and insightful information. Now, they collaborate with the Office of Fair Trading in the UK for a Scam Awareness Month. Again, there is a lot of excellent information on the web for you to look at: Get Safe Online Blog...
  • Blog Post: Security Advisory on the recent Internet Explorer Vulnerability

    I guess you might have seen it by now but if not, please make sure you read and understand the material available: This night we released a Security Advisory on a Vulnerability in Internet Explorer Could Allow Remote Code Execution . The reason for that is that our investigations have shown that this...
  • Blog Post: Internet on Mount Everest

    I already have a problem the way tourism develops on Mount Everest (definitely understanding that some people in the region can make money and a living of it) but now you can even get fast Internet on the base camp: Peak signal: 3G cell service comes to Mount Everest … Is this the way to go? Roger
  • Blog Post: Make Your Influence Positive–Great TV Commercial

    It really made me think… Roger
  • Blog Post: How to manage “Bring your own device”

    A few years back a customer’s CSO left the room when I said that this customer should start thinking about a scenario, where selected users bring their own devices – he called me “nuts”. Well, I think the smartphone area proved me right. Basically the smartphones were the first Bring Your Own Device...
  • Blog Post: Ten Immutable Laws Of Security (Version 2.0)

    You might have known the 10 Immutable Laws Of Security since quite a while. It is kind of the “collected non-technical wisdom” of what we see in security response, be it in Microsoft Security Response Center or in our Security Product Support. There is now a version 2, which is still as important...
  • Blog Post: Security and Usability

    It is not a new concept: The secure way is only secure if it is the easiest way. I have seen a lot of solutions which are extremely secure – in the eyes of the security people. However, the users find a lot of ways to circumvent the security measures because they are too complex to fulfill the business...
  • Blog Post: ATM Skims – would you have figured them?

    I was reading two BBC articles this morning. Wow, this is scary, isn’t it? Look at the pictures below: I do not think that I would have seen that… It even has an integrated camera which is switched on, when you move the card in. That’s the original article: Would You Have Spotted the Fraud? and there...
  • Blog Post: Fighting Crime and Protecting Privacy–a Contradiction?

    I was reading an article today called Does Your ISP Care About Protecting Your Privacy? . An interesting question. The ISPs in the article are even thinking of VPNing all the traffic to avoid the necessity for keeping the logs (or probably better, NATing the whole network). So it seems that the ISPs...
  • Blog Post: Phishing still very effective: 35 cards in 5 hours

    I just read this blog post by ESET laboratories: Inside a phishing attack: 35 credit cards in 5 hours . They analyzed a very poorly designed phishing attack and found that: The first access to the site was on January 20 at 10:01 pm (as seen in picture). The latest registered access was on the same date...
  • Blog Post: Tired of Web 2.0? Kill your Online Identities

    No, this is not a joke. If you are tired of all the discussions about Web 2.0, the privacy breaches and the related problems, you can commit Web 2.0 Suicide. There is a Web 2.0 Suicide Machine – but be warned before you do it – this process seems to work and is not reversible. There is no “undo”! Here...
  • Blog Post: NSA - Best Practices for Keeping Your Home Network Secure

    A good paper: NSA - Best Practices for Keeping Your Home Network Secure Roger
  • Blog Post: Qtel’s Guide to a Faster Internet Experience

    I like that: As you probably know, I did a tour through the Gulf when we launched the Security Intelligence Report last year. One of the reasons was that we know that the Gulf has a pretty high malware infection rate. You can read this in the corresponding blog post: Security Intelligence Report v5 Live...
  • Blog Post: IE Vulnerability: Going Out of Band

    Just to make sure you have seen that: We just released a blog Security Advisory 979352 – Going out of Band Quoting the blog: Based on our comprehensive monitoring of the threat landscape we continue to see very limited, and in some cases, targeted attacks.  To date, the only successful attacks that...
  • Blog Post: Security Intelligence Report: “Scareware” on the Raise

    You know that we release our Security Intelligence Report twice a year: Today Version 6 is due. Let me try to give you an overview of the “highlights” of the report from my point of view: As I wrote in the title and as I blogged about this summer („Scareware“ on the Raise) one of the biggest growing...
  • Blog Post: Microsoft Security Essentials – Coming even closer to you

    Today we were adding 17 additional markets to our Microsoft Security Essentials offering. I am really excited about that as all these markets are in EMEA: Algeria, Bahrain, Egypt, India, Jordan, Kuwait, Lebanon, Morocco, Oman, Pakistan, Qatar, Romania, Russia, Saudi Arabia, South Africa, Tunisia, and...
  • Blog Post: Lessons from Some of the Least Malware Infected Countries in the World

    Over the course of the last few years we have seen some countries having constantly low infection rates. So, our team in Trustworthy Computing started to ask the question why this is the case. The countries are Austria, Finland, Germany and Japan. I think it is worth a look at them: Part 1: Introduction...
  • Blog Post: Finally I have the app: TouchMountain–a “must have” (at least for me)

    As I said in one of my recent posts Comparing Windows Phone 7 and iPhone , there are very few apps I am (and now was) missing on my Windows Phone 7 compared to what I know of the iPhone Apps. Actually the one which I was really missing was something like Peaks on the iPhone (even though some friends...
  • Blog Post: The Growth of the Tablet Market

    You know that we have Tablet PCs since Windows XP and I think I did not have many PCs at Microsoft which were not tablets. How often do I use them as a tablet? Not too often but when I am in a customer meeting and do not use my notebook to present, I use it to take notes. That’s basically to me the application...
  • Blog Post: Is the online world more dangerous?

    I often hear statements that the risk of losing your identity or being a victim of fraud is much higher online than offline. From my point of view it is more about the feelings of the consumer: In the real world, we know the risks – at least we learned them over the ages from our parents and we learned...
  • Blog Post: The Africa Cable – A Chance for Africa! – A Threat for the Internet?

    The development in Africa especially with the new broadband services to me is a huge chance for the whole continent. I just found this map on the next two years: source: IntelFusion Even though I have not been in Africa over the last few months, I heard that in different cities fiber is brought...
  • Blog Post: Get Safe Online – This Week

    We see this concept all over Europe: There are National Security Awareness Days (or however they are called) in a lot of European countries. During these events, the industry (from software to banking to government to …) gets together to raise awareness on the most important trends, criminals explore...
  • Blog Post: Are You Focused On The Wrong Security Risks?

    There is a good article on CIO Central: Are You Focused On The Wrong Security Risks? An interesting discussion and I partly agree that we have to challenge the way we look at the security risks. I would even broaden the questions he raises. When I talk about industry trends, which impact your risk landscape...
  • Blog Post: Do We Really Want Privacy?

    I really love reading Kim Cameron’s Identity Weblog . Fairly often it is thought provoking… He recently wrote about his experience with the new iPhone privacy policy: Apple giving out your iPhone fingerprints and location . He was one (probably of the very few) reading the privacy policy and found the...