See all products »
Curah! curation service
Microsoft Tech Companion App
Microsoft Technical Communities
Microsoft Virtual Academy
Server and Tools Blogs
TechNet Flash Newsletter
Cloud and Datacenter
Windows Server 2012 R2
System Center 2012 R2
Microsoft SQL Server 2012 SP1
Windows 8.1 Enterprise
See all trials »
Microsoft Download Center
TechNet Evaluation Center
Microsoft Virtual Academy
Free Windows Server 2012 courses
Free Windows 8 courses
SQL Server training
MCSA: Windows 8
Windows Server Certification (MCSE)
Private Cloud Certification (MCSE)
SQL Server Certification (MCSE)
Second shot for certification
Born To Learn blog
Find technical communities in your area
For small and midsize businesses
For IT professionals
For technical support
For home users
Microsoft Premier Online
Microsoft Fix It Center
Security Bulletins & Advisories
International support solutions
Log a support ticket
Not an IT pro?
Microsoft Customer Support
Microsoft Community Forums
Roger's Security Blog
As Chief Security Advisor of Microsoft EMEA - lets share interesting security information
Chief Security Advisor
Critical Infrastructure Protection
Freedom of Speech
Securing My Infrastructure
Security Intelligence Report
Browse by Tags
Roger's Security Blog
Results of Operation b49 (Botnet Takedown)
On February 24th we announced the work we did on taking down Waledac – read Tim Cranton’s blog post called Cracking Down on Botnets . Now it is time to look back and try to understand what we learned so far. sudosecure traces the Waledac infections and give a good view of new infections by the bot: But...
20 Mar 2010
UNODC: Open Ended Expert Group on Cybercrime
From tomorrow on, UNDOC invited for an Open Ended Expert Group on Cybercrime in Vienna. I am really interested in seeing hoe these discussions will go. If – by any chance – you are there as well, please ping me and we will have a chat. Otherwise, I will see what I can blog about. But at least it is a...
16 Jan 2011
Success against Cybercrime
I just read this article E-crime unit arrests suspected phishing gang , which shows that we are making progress in fighting cybercrime. Very good news Roger
7 Aug 2010
Analysis of the Estonian Attacks
I just read a paper on the political analysis of the Estonian Attack. If you are interested reading my post on my other blog (as the analysis is not really technical but interesting) there you go: Analysis of the Estonian Attacks Roger
21 May 2008
Armored truck robber uses Craigslist to make getaway
This is really clever (sounds like Hollywood but it seems to be real): In a move that could be right out of a Hollywood movie, a brazen crook apparently used a Craigslist ad to hire a dozen unsuspecting decoys to help him make his getaway following a robbery outside a bank on Tuesday. He then made...
5 Oct 2008
Support for Law Enforcement and COFEE
Over the last few weeks there has been a lot of chatter about a tool we provide in a Beta version to Law Enforcement called COFEE: Computer Online Forensic Evidence Extractor. Let me give you some information on COFEE and put it into the proper context. I am personally convinced that every company...
14 May 2008
What is more important: Security or Privacy?
This is basically a very interesting and pretty fundamental question for the society. After 9/11 the US changed the way they work significantly. Just as an example: Airlines had to give the US government information about passengers flying to the US that actually violate the privacy laws in Europe. So...
17 Jan 2008
Conclusion on UNODC: Open Ended Expert Group on Cybercrime
I told you that I will attend the UNODC: Open Ended Expert Group on Cybercrime , which is now slowly coming to an end. Let me draw a few conclusions on the meeting. It was not the first UN meeting I attended and – depending on the audience – the discussion can easily result an long political debates...
20 Jan 2011
Facebook Implements Microsoft’s PhotoDNA Technology
This is actually a great development to fight Child Porn: Facebook adopts PhotoDNA and joins Microsoft and The National Center for Missing & Exploited Children to disrupt the proliferation of online child exploitation. You find the information here . Roger
20 May 2011
Lottery Scams – One of the Biggest Threat to End Users
I just want to tell you that I will retire. Yes, sure! I just won twice in a lottery. I just have to make sure that all the taxes and insurance policies are paid… You know them as well, don’t you? The mails you get to tell you that you won in a lottery (maybe from Microsoft). From what we know today...
5 Nov 2008
COFEE now distributed via a NW3C as well
COFEE is a tool available to Law Enforcement only to capture online evidence with a little training as possible. The idea behind the tool is, that there is little need for high-trained staff to be available during e.g. house searches and that a normal, much less trained officer can capture all the data...
16 Oct 2009
Mandatory Keyloggers in Cyber Cafes
It is pretty well-known that there is a high risk of keystroke loggers in Cyber Cafés. That they are declared mandatory in a country however is pretty tough stuff: http://yro.slashdot.org/firehose.pl?id=281251&op=view Roger
11 Sep 2007
Nigeria: I told you they are serious
Remember my blog post where I told you not to forget countries like Nigeria ( I was visiting Nigeria – watch out! )? They really seem to be serious. In the last few weeks we had some troubles getting hold of the head of EFCC (I will tell you more in a week) and now, we have at least some suspicion why...
13 Dec 2007
Fighting Spam Internationally
There are different ways how to deal with Spam. One is, to eat it (yes, I know it is an old joke but I still like it…) – see the " official SPAM website " J If it comes down to e-mail SPAM, the problem is different: Most of the ISPs today are using technical means (say: SPAM Filter), the users...
10 Oct 2007
VeriSign to Take Down Malware Sites?
This is actually an interesting approach: VeriSign Proposes Takedown Procedures and Malware Scanning for .Com . This leads to the discussion I have so often: What is more important? The single website or the greater good? Now, do not get me wrong: I see the risks of VeriSign taking down microsoft.com...
12 Oct 2011
Why I do not like e-voting (part 3)
It goes on and on and on: Read this one Judge Suppresses Report on Voting Machine Security Roger
5 Oct 2008
Hacking Incidents 2009 – Interesting Data
There is a project called the web hacking incident database (WHID), which collects data and statistics on web-application related security incidents. I was just looking into their report called The Web Hacking Incident Database 2009 which has some pretty interesting statistics in. In order to judge...
12 Mar 2010
Raid against Piracy
There seem to be policy organizations being serious about fighting piracy! Hungary, actually with 41% pirated software “not even that bad”, seems to be really serious. But before, let me just take those 41% up for a second: This means that 41% of the work you do is stolen. I think a significant negative...
22 Jun 2010
Do we Need Special Laws?
Well, yes we need Cybersecurity Legislation without doubt but sometimes the legislator goes too far in my opinion. I read this article this morning: Use Google Street View Maps & Serve More Time. I quote: The state legislature in the U.S. state of Louisiana has passed a law adding extra time for...
2 Jun 2010
Download Pirated Copies – and you will be banned from the Internet
This is a very tough legislation: France just agreed on a new Internet Piracy Bill. If you violate piracy laws three times, you will be banned from the Internet up to an year: http://www.webpronews.com/topnews/2009/05/12/france-approves-internet-piracy-bill Interesting approach Roger
13 May 2009
What is More Important to You? Privacy or Safety?
I want to start upfront: I do not want to take a position here. I have an opinion as a person in my cultural context but I understand that this opinion is by far not the only one which is right or wrong. This morning I read this article: FBI Drive for Encryption Backdoors Is Déjà Vu for Security Experts...
29 Sep 2010
Cybercrime as a Service–Our Future?
It is not really surprising that the criminals will leverage the economy of Cloud Computing for their illegal purposes. Especially activities, which consume a lot of processor power will be moved to the Cloud – like any other business. Some way back, there were discussions on how to leverage GPUs to...
12 Jan 2011
A Detailed Analysis of an Attack – Do We Need an International Incident Sharing Database?
I recently came across a paper called Shadows in the Cloud , which is actually a follow-up report of Tracking GhostNet: Investigating a Cyber Espionage Network , an investigation of the attacks on the office of the Dalai Lama and some governmental bodies. The report is written by two bodies who had the...
21 Apr 2010
How to circumvent Privacy Laws
As you all know, most jurisdictions allow individuals to ask for data collected by an organization (being it a company or a governmental organization). A lot of countries have Data Protection Commissioners that look into what companies and more often governments do with regards to PII (Personal Identifiable...
20 Aug 2008
Special Intelligence Report on the Rustock Takedown
As you might remember, on Match 16th Microsoft together with other industry players was successfully able to take down the Rustock botnet and thus significantly reducing the spam level. We now just published a special Intelligence Report on this botnet: Read an overview of the Win32/Rustock family of...
6 Jul 2011
© 2014 Microsoft Corporation.
Privacy & Cookies