Microsoft Security Blog

The official Microsoft blog for discussing industry and Microsoft security topics.

February, 2012

  • Trust in Computing Research

    Yesterday in Scott Charney’s RSA 2012 keynote , he made reference to a statistic stating that 92.5 percent of respondents believe cybercrime laws need updating. This was one of the many findings of the Trust in Computing research recently conducted by the Trustworthy Computing team. The Microsoft “Trust in Computing” research was conducted in nine countries around the world; the United States, Canada, United Kingdom, Germany, Australia, Brazil, Russia, India and China. Questions...
  • Scott Charney’s Keynote at RSA Conference 2012

    Scott Charney’s RSA keynote this morning outlined evolved security, privacy and reliability strategies for cloud and big data. He encouraged industry and governments to adopt more holistic security strategies, create effective privacy principles and improve reliability of devices and services. Scott discussed the cloud and the concept of big data, the role of governments, and the reality of evolving cyber threats. Scott also announced the new Trustworthy Computing Next white paper. ...
  • TwC 10 Year Industry Appreciation Party @ RSA Conference 2012

    As you know, we reached our 10 year milestone in January for Trustworthy Computing (TwC) and, at the RSA Conference next week, the leader of our TwC group, Corporate Vice President Scott Charney will be delivering a keynote on how computing and society has changed over the past 10 years and what he views as the strategic changes that we (they industry) must embrace in order to provides secure, private and reliable computing experiences for citizens around the world. So, next week, I’ll be making...
  • Trustworthy Computing: Learning About Threats for Over 10 Years - Part 1

    When I compare what the threat landscape looked like at the turn of the century to what it looks like today it’s clear that things have changed. At the height of the dot-com boom, less than a third of homes in North America and Europe had Internet access [1] , with broadband technologies accounting for less than 10 percent of that overall number [2] . Servicing software using the Internet was in its infancy. The idea that an attacker could compromise a large number of interconnected computer systems...
  • The Threat Landscape in Mexico

    Many customers I have talked to who have operations in Mexico have asked for insight into the threat landscape there. The threat landscape in Mexico has been quite active and in this article I try to provide some insight into what has been happening there based on data from the Microsoft Security Intelligence Report . Looking back at the three year period between July 2008 and July 2011, although the raw number of detections and removals of malware by Microsoft anti-malware products in Mexico isn...
  • Phishing Financial Institutions & Social Networks

    Phishing is a method of credential theft that tricks Internet users into revealing sensitive information, such as personal or financial information, online. Phishers use phony websites or deceptive email messages that mimic trusted businesses and brands to steal sensitive information, such as user names, passwords, credit card numbers, and other identification numbers. How Microsoft Tracks Phishing Sites and Phishing Impressions Microsoft gathers information about phishing sites and impressions from...
  • Security Development Lifecycle: A Living Process

    You might have heard that January 2012 marked the ten year milestone of Bill Gates’ now famous email that started Trustworthy Computing at Microsoft. This email resulted in many changes across the company that have cascaded over the years. I have worked at Microsoft since the late 1990s, working in several roles since that time, and have seen many of the resulting changes firsthand. Perhaps the most important change at Microsoft was the creation and institutionalization of the Microsoft Security...