Microsoft Security Blog

The official Microsoft blog for discussing industry and Microsoft security topics.

March, 2013

  • Cybersecurity 2020 Student Essay Contest

    Microsoft is looking for great student research on the future of cybersecurity policy. If you have conducted or plan to conduct such research, read on for information on how you can win a $5,000 cash prize for your research in our Cybersecurity 2020 essay contest.

  • REGISTER NOW AND SAVE $300!

    The second annual Security Development Conference will bring some of the best and brightest information security professionals to San Francisco, May 14-15, 2013. Learn about proven security development practices through interactions with peers, industry luminaries and other organizations. Sessions will cover the latest security development techniques and processes that can reduce risk and help protect organizations in this rapidly evolving technology landscape.

    Act now and get this limited time offer; register for just $300 by using this discount code: IND@SDC#12

  • The Threat Landscape in China: A Paradox

    The threat landscape in China is one topic that always garners a lot of interest. Using trend data from the Microsoft Security Intelligence Report volume 13, and previous volumes, I will provide some insight into what the threat landscape in China looked like in the first half of 2012.

    Threat landscape data for China is somewhat paradoxical.  China had the lowest malware infection rate (CCM) of any of the 105 locations included in volume 13 of the Security Intelligence Report.  The malware infection rate in China in the second quarter of 2012 (2Q12) was 0.6.  This means that 0.6 of every 1,000 computers scanned in China in 2Q12 was infected with malware, compared to the 2Q12 worldwide average CCM of 7.0. To add even more context, China’s malware infection rate in 2Q12 is lower than those of the locations that consistently have the lowest rates in the world like Finland (CCM of 1.1 in 2Q12) and Japan (CCM of 0.9 in 2Q12) as seen in Figure 2.  This is a stark contrast to a location with a high infection rate, like Korea with a CCM of 70.4 in 2Q12.

  • On The Origins of Malware: Are Malware Hosting Sites in Your State or Region?

    Systems that host and distribute malware are located all over the world.  These systems have typically been compromised and are being used for illicit purposes unbeknownst to the administrators of the systems.  These compromised machines can be personal computers located in homes and small businesses, as well as servers in data centers. 

    Some background information
    To get a sense of how attackers use malware hosting servers, just look at drive-by download attacks as one example.  A drive-by download site is a website that hosts one or more exploits that target specific vulnerabilities in web browsers, and browser add-ons. Malware distributors use various techniques to attempt to direct internet users to websites that have been compromised or are intentionally hosting hostile code. Users with vulnerable computers can be secretly infected with malware simply by visiting such a website, even without attempting to download anything themselves.  I have written about drive- by download attacks before: What You Should Know About Drive-By Download Attacks part 1, part 2.

  • RSA Conference 2013: Thank-you RSA Attendees!

    The RSA Conference in San Francisco is over for another year.  I want to thank all those conference attendees that attended one of the many activities Microsoft had going on during the week or took time to visit our booth.

    Special thanks to those conference attendees that attended the breakout session that Jeff Jones and I hosted on the Microsoft Security Intelligence Report.  The session was well attended and we had some great questions during and after the session.  It was a lot of fun for both Jeff and I!

  • Compliance Series: Financial Services Security and the BITS Framework

    This article in our compliance series looks at the importance of secure software development to the financial services industry.  Software - whether running on PCs, laptops, or in new cloud-based services plays a critical role for financial services institutions in helping to protect their business and customers. It can help protect against malicious attacks, theft of customer data and even corporate assets.  However, designing large, complex programs and services that manage this data in a secure manner can be difficult without a good secure development process in place.  This is one of the reasons the BITS Software Assurance Framework was created by the Financial Services Roundtable.