Microsoft Security Blog

The official Microsoft blog for discussing industry and Microsoft security topics.

August, 2011

  • Finale - Lessons from Some of the Least Malware Infected Countries in the World – Part 6

    In this final post in the series on select locations with consistently low malware infection rates, I share some key findings on how these regions maintain low infection rates. My previous five blog posts in this series focused on the threat landscape and insights from security professionals in Austria , Finland , Germany , and Japan . All these regions have enjoyed relatively low malware infection rates over the past several years. Figure: Infection rates for Austria, Finland, Germany and...
  • 5 Top Trends Redefining CSO Priorities

    The CSO carries a heavy load, as the person responsible for overall direction of security functions associated with IT applications, communications, and computing services and security within the enterprise. Part of what makes the role of the CSO so challenging is that trends introduce change, and the changes are cumulative. Few of the old security concerns go away; yet emerging technology trends introduce new risks while amplifying traditional concerns in novel and unexpected ways. Let’s...
  • Weekly Roundup : Aug 19, 2011

    Trending Security News This week security news stories focused on the rise of rapidly changing social engineered malware spread through mail attachments designed to infect your computer. You may have received these suspicious often poorly written emails before, asking you to open an attached form that needs filling out. The increase in email messages with malware attachments began Aug. 8 and peaked Aug. 12, according to eWeek, and spam outbreaks are reaching pre-Rustock takedown levels. Computerworld...
  • Japan - Lessons from Some of the Least Malware Infected Countries in the World – Part 5

      Japan is the final location of focus in this series of posts on regions that consistently have low malware infection rates. I hope these insights into the threat landscape in regions with low infection rates prove useful to regions with higher infection rates. I had the chance to visit Japan in 2007 where we launched the Microsoft Security Intelligence Report volume 2. Even then Japan had a relatively low malware infection rate. The chart below illustrates the infection rate trend in Japan...
  • Weekly Roundup : Aug 12, 2011 : Dissecting a Shady Rat

    Trending Security News Probably the most widely discussed and interesting story in security news was the follow-on activity from McAfee’s disclosures last week of “Operation Shady Rat.”   As we noted previously , Vanity Fair called it an “unprecedented cyber-espionage campaign and intellectual property bonanza,” while others say the hacking claims are overblown.  Analysis continued this week with other security vendors weighing in and everything from a denial of involvement by China to...
  • Germany - Lessons from Some of the Least Malware Infected Countries in the World – Part 4

    In this fourth installment in the series of posts, I focus on locations that consistently have low malware infection rates. In this case we examine the threat landscape in Germany . I’m trying to offer insights into the threat landscape in regions with low infection rates, knowing that regions with higher infection rates are interested in information that might help them. Since we started publishing regional malware infection rates back in 2007, Germany has consistently had a malware infection...
  • New Microsoft Security Program & Vulnerability Data Now Available

    We just released a new report from the Microsoft Security Response Center (MSRC) called “ Building a Safer, More Trusted Internet Through Information Sharing .” This report provides you with an update on the progress of key MSRC initiatives, along with new data on vulnerability counts and the like. Topics covered in the paper include: New data from the Microsoft Active Protections Program (MAPP) New data on the Microsoft Exploitability Index including guidance for customers on newer platforms Also...
  • Protecting the Supply Chain–The CSO Rides Shotgun

    When I was a teenager and a group of us headed to the car for some fun, someone would inevitably yell “I’ve got shotgun,” kicking off a race to the car and a round of “discussions” before seating arrangements were finally settled – specifically, who got to sit in the front and who had to sit in the back. The term “riding shotgun” is shorthand for “I’m riding up front” and while the practice of sitting up by the driver with a weapon...
  • Weekly Roundup : Aug 5, 2011 : Black Hat and the Blue Hat Prize

    Trending Security News An eventful week with plenty coming out of the Black Hat conference, the Microsoft Blue Hat prize , publication of the EWI Cybersecurity Summit Report , and more, covered below. Black Hat USA 2011 With Black Hat USA 2011 running this week there were plenty of stories about cyber threats – everywhere from programmable logic controllers, to SCADA equipment, to insulin pumps. Amidst all of this came the McAfee-dubbed “Operation Shady RAT,” which Vanity Fair called an “unprecedented...
  • Cybersecurity Report: 84% Believe Risk is Higher than 1 Year Ago

    With the annual Black Hat (Vegas) conference providing extra focus on cybersecurity this week, but also eclipsing most other news, I want to call attention to the EastWest Institute publication of their report on the Second Worldwide Cybersecurity Summit: Mobilizing for International Action . The EWI summit , held in London at the beginning of June, attracted more than 450 government, industry and technical leaders from 43 countries to craft new cybersecurity solutions. CSOs, CIOs, IT professionals...