Vinny Gullotto, the General Manager of the Microsoft Malware Protection Center (MMPC) announced that Microsoft has opened a new research and response lab in Munich, Germany. This new lab will complement the existing research and response labs Microsoft has in the United States, Ireland, Australia, and Canada. The MMPC also has additional researchers located in New York, Los Angeles and Beijing, China. All the details are available in this blog post . Tim Rains Director, Product Management Trustworthy...

  The Internet, personal computers, smartphones, software, and online services, play a significant role in our lives. These technologies are among the most important components that make up Information and Communications Technology (ICT) systems. Today governments and their citizens around the world rely on ICT systems to an unprecedented degree. As a consequence, governments are devoting increasing attention to risks that can threaten the security and reliability of these systems, including...

Advice on what a young person should choose for a future is as old as civilization. In the United States the classic satirical take on such advice was in the 1967 movie “The Graduate”, when Dustin Hoffman playing an overwhelmed teenager, is nabbed at his high school graduation party by a well-meaning adult. “I just want to say one word to you,” the adult says. “One word. Are you listening?” After pausing for dramatic effect he blurts out the secret to the...

We have been producing the Microsoft Security Intelligence Report for nearly five years now. Throughout that period of time I have seen a small group of countries/regions maintain relatively low malware infection rates. Examples include places like Austria, Finland, Germany, and Japan. Of course malware infection rates are dynamic – we measure them using a metric called Computers Cleaned per Mille (CCM) . The CCM helps normalize the data so that we can compare infection rates between countries with...

The world just took another step along the path of creating a more secure global Internet environment. Many more steps remain on this journey, but it was good to read that the US has signed a cybersecurity agreement with India ( read the DHS press release ). A memorandum of understanding between the U.S. Department of Homeland Security Deputy Secretary Jane Holl Lute and Indian Department of Information Technology Secretary R. Chandrashekhar was signed July 19 in New Delhi. In the domain of a shared...

The news from the U.S. Department of Defense (DoD) last week was sobering – if not overly surprising – as the department announced that during March an unnamed foreign intelligence service hacked into the computer system of a corporate contractor and obtained 24,000 Pentagon files during a single intrusion. The New York Times reported this as the DoD suffering “one of its worst digital attacks in history.” The Times article noted that files stolen from defense and industry data networks have included...

Every country/region of the world has a threat landscape that is characterized by the strategies and tactics that malicious actors use to victimize technology users. Korea has a threat landscape that is characterized by a mix of global threats as well as threats that are targeting users in Korea specifically. We have been publishing data on the threats we observe in Korea in the Microsoft Security Intelligence Report . Over the past couple of years we have observed that the threat landscape in Korea...

In this post, I’d like to talk about the digital and social identity proxies that we create so that we can interact online – and talk about the steps I will be taking over the next few weeks to clarify and separate my own online personas. I was lucky enough to have early online access (e.g. email and Usenet) when at Purdue from 1985-1987, but could never have imagined how the Internet would grow to become such an integrated part of modern society.  Some things are just hard to foresee. NOTE...

The Rustock botnet was a large botnet with over 1 million infected computers under its control. This botnet was used to send large volumes of spam. Researchers at Microsoft observed a single Rustock infected computer sending 7,500 spam emails in 45 minutes – a rate of 240,000 spam emails per day. At times Rustock was capable of sending an estimated 30 billion spam emails per day. Much of the spam email that the Rustock botnet sent advertised counterfeit or unapproved knock-off versions of pharmaceuticals...