Yesterday we released the latest volume of the Microsoft Security Intelligence Report . Among the ~800 pages of new threat intelligence is a new study that attempts to quantify the benefit of running up-to-date anti-virus (AV) software. The study leveraged data from over a billion systems worldwide and...

According to data we recently published in the Microsoft Security Intelligence Report volume 12 (SIRv12), drive-by download attacks continue to be a favorite tactic used by many attackers attempting to compromise large numbers of systems around the world. I have written about drive-by download attacks...

In part 1 of this series on the threat landscape in the European Union in the second half of 2011, I examined the threats in the location with the highest malware infection rate, Romania. In this segment of the series I will examine what is happening in the EU member states that have seen the biggest...

Recently I spoke at the Microsoft EU Cybersecurity & Digital Crimes Forum 2012 in Brussels. I provided an in-depth briefing on some of the significant shifts in threat landscape in the EU during the second half of 2011. I will be sharing some of the key findings of this analysis in a short series...

Scareware, also known as fake anti-virus software, has become one of the most common methods computer hackers use to swindle your money. If you have had a security alert icon pop up on your computer, you may have been the victim of scareware. In a recent TV interview , I discuss how scareware programs...

Today we released the latest volume of the Microsoft Security Intelligence Report (SIR) containing a large body of new data and analysis on the threat landscape. This volume of the SIR includes: Latest industry vulnerability disclosure trends and analysis Latest data and analysis of global vulnerability...

In this series of articles, we have been looking at some of the ways that the threat landscape has evolved over the past decade. In this final article in the series I discuss software servicing, or the art and science of effectively and efficiently keeping software up to date. What File Versions are...

The threat landscape in India has turned out to be more active than initially suspected. India has had a relatively low malware infection rate for some time, which seemed subdued for a region that has such a large high tech industry. But with the new data we recently released in the latest Microsoft...

Trending Security News In August we started posting the Weekly Roundup to share trending security news from many viewpoints. Week by week the flow of news provides insights into the ever growing challenges faced in the global efforts to secure cyberspace, as well as the progress made and security...

In a recent post, called The Curious Case of Qatar , I discuss how Qatar has the highest regional infection rate that we have ever reported. Prior to this the Republic of Korea had the highest malware infection rate in the world; back in July of this year I wrote about how the threat landscape in Korea...

In part one of this two-part series, I focused on how drive-by download attacks work. These attacks can be complicated because they can use multiple levels of redirection enabling components of an attack to be hosted on compromised systems in different parts of the world. Despite the relative sophistication...

My last blog post focused on Java exploits and the need to keep all software up to date. Since writing that article I have received some questions from customers asking for more details on how attackers are using such vulnerabilities to compromise systems. Subsequently, this two-part blog post is dedicated...

Trending Security News Carrier IQ, and its diagnostic software that is embedded in millions of smartphones worldwide, dominated the security news this week with all the drama of a fast-paced television show. The story began when researcher Trevor Eckhart announced he had discovered the software on...

Recently I was prompted to update Java components that are installed on one of the personal computers I have at home. As the installation wizard walked me through the steps to install the update, I was reminded how ubiquitous Java is. Figure: The Java update installer that ran on my personal computer...

Trending Security News As people in the United States prepared to tuck into their Thanksgiving dinner, and tune out the incessant ads urging them to take advantage of the allegedly great shopping opportunities to follow in the form of Black Friday and Cyber Monday, it was a perfect time to consider...

A recent blog post I wrote entitled Determining the Geolocation of Systems Infected with Malware , focused on some of the interesting changes in regional malware infection rates that occurred when we started using IP geolocation in the latest Microsoft Security Intelligence Report (SIRv11) . Figure...

Trending Security News Two major players—Facebook and Android—dominated security news this week. The attack on Facebook involved bombarding users with pornography and horridly violent images. Computerworld’s headline captured the impact the attack had on the online community: Facebook...

For me, one of the most interesting new bits of data included in the latest Microsoft Security Intelligence Report (SIRv11) is related to the methods we use to identify the geolocation of systems reporting malware infection data to us. Malware infection rate data for over a hundred locations is reported...

Trending Security News Another win for the good guys this week as a multi-year, international operation dubbed “Operation Ghost Click” resulted with the result of cyber criminals in their native Estonia. The investigation, led by the FBI, is credited with taking down an international click...

Trending Security News The big happening this week was the London Conference on Cyberspace where government and private sector leaders from around the world gathered to share ideas on how to best combat cyber threats and secure the Internet. Scott Charney, Microsoft Corporate Vice President of Trustworthy...

I recently visited Brussels, where the European Union has its main base of operations. I had the opportunity to talk to numerous people there about the latest Microsoft Security Intelligence Report containing data and insights on the cyber-threats Microsoft has observed specifically in the EU. Microsoft...

Trending Security News Governments around the world highlight the need for stronger cybersecurity as the Washington Post reports: Janet Napolitano: Hackers have ‘come close’ to major cyberattack . The New York Times carried the story Virus Infects Computers in Japan’s Parliament...

Trending Security News This past week saw the return of Stuxnet code in the form of a new intelligence gathering malware attack called Duqu. Network World ran a FAQ on Son of Stuxnet story describing what Duqu is and how it works while Dark Reading ran a story titled Waiting For 'Son Of Stuxnet' To...

Trending Security News The big news in the computer industry this week—and the big news far beyond our industry—was the passing of the innovative genius Steve Jobs. The New York Times story Apple’s Visionary Redefined Digital Age highlights Steve’s personal and professional...

(Reuters) - Hundreds of computer geeks, most of them students putting themselves through college, crammed into three floors of an office building in an industrial section of Ukraine's capital Kiev, churning out code at a frenzied pace. They were creating some of the world's most pernicious, and profitable...