Roger's Security Blog

As Chief Security Advisor of Microsoft EMEA - lets share interesting security information

Browse by Tags

Related Posts
  • Blog Post: Is there a Botnet building on MS08-067 exploits?

    There are a lot of reports on a Botnet building on the back of exploits targeting MS08-067: New Windows worm builds massive botnet MS08-067 Vulnerability: Botnets Reloaded Bots exploiting Microsoft's latest RPC flaw Exploit-MS08-067 Bundled in Commercial Malware Kit Time for forced updates? Conficker...
  • Blog Post: SPAM moving to SMS?

    Well, I do not hope and I do not expect it to. Why? Well, mobile text messages are not free – mails are (at least kind of). Nevertheless, if the "vulnerability" is within the mobile provider, all of a sudden, SMS could become a real SPAM channel. Recently happened in China: China to Probe Online Text...
  • Blog Post: Results of Operation b49 (Botnet Takedown)

    On February 24th we announced the work we did on taking down Waledac – read Tim Cranton’s blog post called Cracking Down on Botnets . Now it is time to look back and try to understand what we learned so far. sudosecure traces the Waledac infections and give a good view of new infections by the bot: But...
  • Blog Post: Success against Cybercrime

    I just read this article E-crime unit arrests suspected phishing gang , which shows that we are making progress in fighting cybercrime. Very good news Roger
  • Blog Post: Security Advisory on the recent Internet Explorer Vulnerability

    I guess you might have seen it by now but if not, please make sure you read and understand the material available: This night we released a Security Advisory on a Vulnerability in Internet Explorer Could Allow Remote Code Execution . The reason for that is that our investigations have shown that this...
  • Blog Post: Analysis of the Estonian Attacks

    I just read a paper on the political analysis of the Estonian Attack. If you are interested reading my post on my other blog (as the analysis is not really technical but interesting) there you go: Analysis of the Estonian Attacks Roger
  • Blog Post: How critical are the Undersea Cables?

    OK, I think I need to take this up a little bit as well. Let's look into what happened over the last few days. I think up to now we ended up with five cables cut in the Middle East. So, there are a lot of theories who was actually damaging those cables. The best one comes from WSJ J But there were...
  • Blog Post: EISAS – European InformationSharing and Alert System – an ENISA Feasibility Study

    ENISA just recently published a pretty interesting study with the title EISAS – European Information Sharing and Alert System . I think that it is definitely worth looking into Roger
  • Blog Post: The Future of Cybercrime

    If you do not know this blog, it is definitely worth looking at it from time to time: Paleo-Future . There I found a prediction on cybercrime dated 1981: It describes the impact of computers in the “future” – say today. If you click on the picture, you can see the original. There is a good quote in there...
  • Blog Post: How to Hack Windows Vista

    No, no. For sure. I am not going to give you advise how to hack – but look at this video: http://www.offensive-security.com/movies/vistahack/vistahack.html . I am always amazed about these kind of videos, which still surprise people. If look years back, we published the 10 Immutable Laws of Security...
  • Blog Post: Spying on Smartphones

    I was recently at an event for Law Enforcement where one of the discussion points was how critical it is to protect Smartphones – actually it was more about how easy to would be to claim that my Smartphone was hacked and how proof can be found. That you should run Anti-Malware software on phones, is...
  • Blog Post: Selling Vulnerabilities and Ethics

    Shoaib just blogged on Hacking & Security Community - Ethical or Unethical? . To start with: I do not claim that I know all about ethics and that there is only one view on ethics but I have a clear view on certain things. I blogged on this theme several times already and made my points pretty clear...
  • Blog Post: Update on our Piracy Strategy - Important Changes to WGA

    From time to time people ask me about piracy and security. Let's start with piracy first. If you look at the 2007 Global Piracy Study by BSA , the numbers are frightening. Looking at EMEA, it starts with Moldova on 94% pirated software to Denmark with 25% (which is still every fourth copy!) - the...
  • Blog Post: Support for Law Enforcement and COFEE

    Over the last few weeks there has been a lot of chatter about a tool we provide in a Beta version to Law Enforcement called COFEE: Computer Online Forensic Evidence Extractor. Let me give you some information on COFEE and put it into the proper context. I am personally convinced that every company...
  • Blog Post: Storm coming back?

    I just read first reports that Storm is coming back as we speak. This is frightening but shows the power and possibilities of the criminals as well. I have no information yet how bad it looks like, just read the following report: The Storm Worm would love to infect you Roger
  • Blog Post: What is more important: Security or Privacy?

    This is basically a very interesting and pretty fundamental question for the society. After 9/11 the US changed the way they work significantly. Just as an example: Airlines had to give the US government information about passengers flying to the US that actually violate the privacy laws in Europe. So...
  • Blog Post: Security not only a Microsoft problem – iPhone finally rooted

    It was to be expected – not because Apple built bad security in their iPhone, I am definitely not in the position to judge, but because it was going to happen. Any software product is going to have vulnerabilities as a matter of fact. The more attractive a device or a piece of software is, the more likely...
  • Blog Post: How to Build a Bomb

    Well, only partly. I commented several times already about WabiSabiLabi. I especially like their statement "closer to zero risk". At the moment there is an SAP vulnerability at stake. It is initially priced on €4'000. If you read their blog, Focus on: SAP MaxDB remote code execution , it seems to be...
  • Blog Post: Targeted Attacks – the “Real” Problem

    When I talk to customers, the different attacks are often something we discuss (obviously). I often mention that Virus and Worm attacks on a broad scale (like Conficker etc.) are a serious problem but at least one we see, one we understand and one we can fight (because we see and understand it). However...
  • Blog Post: Technology in the Mumbai Attacks

    One of the questions I often get is my position on Cyber-Terrorism. I doubt that there will be “isolated” technology-related terrorism. What we see much more is the use of high-tech during classical terrorism attacks. If you look at the recent terrorism events in Mumbai, there was some pretty interesting...
  • Blog Post: How long does it take to hack a Power Plant?

    I start to get scared – more and more. Back in September I blogged on Critical Infrastructure Protection – Live which shows what would happen if somebody would be able to tamper with power generators. Now, during RSA there was a guy called Ira Winkler telling the audience that they had the job to do...
  • Blog Post: SANS Top 25 Most Dangerous Programming Errors – the same as very often…

    I just worked my way through the list SANS published . Looking at the list it is not surprising but scary to see which errors made it to the top of the list: Cross-site Scripting SQL Injection Classic Buffer Overflow Cross-Site Request Forgery Improper Access Control It shows as we often say that the...
  • Blog Post: ATM Skims – would you have figured them?

    I was reading two BBC articles this morning. Wow, this is scary, isn’t it? Look at the pictures below: I do not think that I would have seen that… It even has an integrated camera which is switched on, when you move the card in. That’s the original article: Would You Have Spotted the Fraud? and there...
  • Blog Post: The Economy of Cyber-Crime

    Since quite some time as Chief Security Advisor, I am working to support Law Enforcement. We are supplying training, giving technical support as needed and are staying in close contact as well as soon as we decide to file a criminal complaint. This happens especially if we are phished (we being Hotmail...
  • Blog Post: What can you do if you are a victim of e-crime?

    I think that there is a very good example of how a platform could be offered for victims of cyber crime. There are often questions around: What are my rights? What can I do if something bad happens? Who is here to help?... www.e-victims-org offers answers to a lot of questions like those and offers...