Cybersecurity continues to be a hot topic around the world, particularly as governments develop policies to improve cybersecurity in critical infrastructure. In the U.S., the White House released an Executive Order entitled Improving Critical Infrastructure Cybersecurity to drive a concerted effort across...

Yesterday marked the one year countdown for the end of extended support for Windows XP Service Pack 3 (SP3). I wanted to pause today and lay out some of the important security implications of end of support so that customers are informed about what this change means to them. It has been twelve years...

The exploitation of vulnerabilities specific to country-code top-level domain (ccTLD) registries has become an increasingly common problem, especially in relatively small markets around the world. A ccTLD is an internet domain registry generally used or reserved for a country, a sovereign state, or a...

If you are looking for a resource that will help you manage security with Windows Server 2012, then I encourage you to check out a new book which will be published in the next few months titled “ Windows Server 2012 Security from End to Edge and Beyond .” This comprehensive book is designed...

Recently I wrote about the threat landscape in the European Union ( part 1 , 2 , 3 ) and Africa . This series of articles is focused on threats in select locations in Asia (Vietnam, India, Korea, Malaysia, Singapore, and Japan) and Oceania (Australia and New Zealand). I am focusing on these locations...

Last week, Jan Neutze and I participated in a dinner discussion on “Building a Secure Cyber Future” that the German Mission to the United Nations and the Atlantic Council organized for the members of the United Nations Group of Government Experts (GGE) on Developments in the field of Information...

Over the past few posts we’ve been covering the concept of the BYOD trend. We started with a foundation describing the origins and evolution of BYOD, followed by a closer examination of the pros and cons of BYOD from the employee perspective. This post will focus on BYOD from the point of view...

Bring your own device--or BYOD --is a tech trend that is changing the way many organizations manage technology. In previous posts, we’ve shared some background on our Trust in Computing Research project , and some of the interesting data we’ve uncovered related to the consumerization of IT, and the BYOD...

Recently I wrote a three part series of articles ( part 1 , part 2 , part 3 ) on the evolving threat landscape in the European Union. As I wrote in these articles, there has been a steep rise in the malware infection rates in some European countries that typically have some of the lowest malware infection...

According to data we recently published in the Microsoft Security Intelligence Report volume 12 (SIRv12), drive-by download attacks continue to be a favorite tactic used by many attackers attempting to compromise large numbers of systems around the world. I have written about drive-by download attacks...

Note that I just received the Call for Speakers notification for RSA Conference 2013.  You can view the full information on their website at: http://www.rsaconference.com/events/2012/usa/email/index-rsa.htm .  Speaking proposals are due Thursday, August 16. Click here to submit. RSA has also...

The era of IT departments mandating specific hardware, operating systems, or technologies is quickly eroding.  In its place a new culture is growing where employees are granted more autonomy—and given more responsibility—for their own technology. If you’ve been to enough parties you’re probably...

In the first two parts ( part 1 , part 2 ) of this three part series I focused on the locations in the European Union (EU) that had the highest malware infection rates and/or saw the highest increases in malware infection rates in the second half of 2011. In this final installment of the series I focus...

In part 1 of this series on the threat landscape in the European Union in the second half of 2011, I examined the threats in the location with the highest malware infection rate, Romania. In this segment of the series I will examine what is happening in the EU member states that have seen the biggest...

Recently I spoke at the Microsoft EU Cybersecurity & Digital Crimes Forum 2012 in Brussels. I provided an in-depth briefing on some of the significant shifts in threat landscape in the EU during the second half of 2011. I will be sharing some of the key findings of this analysis in a short series...

Okay, so there are about a million social techniques being used in email to get your attention and entice you to click on some bad link, but since this one purports to be from Microsoft, I thought I’d post a quick warning and do a bit of digging, since it is the first of these that I’ve gotten and I...

I’m pleased today to introduce a guest blog post by Jan Neutze, a senior global security strategist on my team who focuses on cybersecurity norms and Internet governance. Jan is speaking today at the Atlantic Council of the United States and shares insights on ways to build a more secure cyber...

In The Evolution of Malware and the Threat Landscape , the Special Edition Security Intelligence Report that we released at RSA and other Security Intelligence Reports (SIR), my starting primary source is the National Vulnerability Database ( http://nvd.nist.gov ) that is maintained by the National Institute...

[NOTE: The time was originally listed as 10:30am, but it starts at 11:00am] Tim Rains and I will be presenting in a live webcast this morning ( 5/23 @11:00am PST ) on the topic “ Code Red to Zbot: 10 Years of Tech, Researchers and Threat Evolution .” The session was presented at the RSA USA 2012 Conference...

Trending Security News Security news stories this week focused on smartphone security and GPS tracking; our Security Development Conference in DC; and a report on security technology trends with a few stories also covering malware stats and cyber-attacks. Here are the security news stories and two blog...

Trending Security News Security news stories this week continue to validate the importance of cybersecurity skills in the marketplace and FEMA released a new National Preparedness Report providing insights on the state of national critical infrastructure protection. Here are some of the security news...

Trending Security News Security news stories last week reported the House passed the CISPA bill; CNET reports Mac security ten years behind Microsoft; and infosecurity ran a story about the GAO that testified on Capitol Hill reporting there were 42,887 cybersecurity incidents last year. Here are some...

Security News Security news stories this week covered CISPA, a cybersecurity bill that continues to draw fire from privacy groups: some experts weigh the pros while others say the bill is too vague as written and predict it will be tabled. Also in the news Anonymous claims Pastebin censorship and creates...

In the first part of the series , we looked specifically at the general use of Computing and the Internet, with the second part focusing on the audience breakdown for these questions. While some of the findings are as we had anticipated, we found several interesting results: Over 95 percent of...

Trending Security News Security news stories this week highlighted data breaches, tips on computer security, cybersecurity and online safety patterns and practices, and analysis in support and criticism of Cyber Intelligence Sharing And Protection Act (CISPA). Here’s our top news stories and blog...