Microsoft Switzerland Security Blog

As Conficker approaches the first anniversary of its appearance in the wild, the Shadowserver Foundation says that at least seven million IP addresses — each representing one or more computers — are now infected by the worm.
http://www.infosecurity-magazine.com/view/4941/confickers-first-birthday-looms-seven-million-ips-still-infected/

Perhaps a very good idea for the seven millions to look at the free:
Microsoft Security Essentials (MSE) Antimalware Software under:
http://www.microsoft.com/security_essentials/

Microsoft Security Essentials provides real-time protection for your home PC that guards against viruses, spyware, and other malicious software.

Microsoft Security Essentials is a free* download from Microsoft that is simple to install, easy to use, and always kept up to date so you can be assured your PC is protected by the latest technology. It’s easy to tell if your PC is secure — when you’re green, you’re good. It’s that simple.

Microsoft Security Essentials runs quietly and efficiently in the background so that you are free to use your Windows-based PC the way you want—without interruptions or long computer wait times.

 -Urs

The Microsoft Security Intelligence Report (SIR) provides an in-depth perspective on the changing threat landscape including software vulnerability disclosures and exploits, malicious software (malware), and potentially unwanted software. Using data derived from hundreds of millions of Windows computers, and some of the busiest online services on the Internet, this report also provides a detailed analysis of the threat landscape and the changing face of threats and countermeasures and includes updated data on privacy and breach notifications. The seventh volume of the report is now available: http://www.microsoft.com/downloads/details.aspx?FamilyID=037f3771-330e-4457-a52c-5b085dc0a4cd&displaylang=en

-Urs

Scammers are targeting social networks with phishing scams and relying more heavily on worms and Trojans to attack computers, according to security trend reports to be released Monday by Microsoft and McAfee.

http://news.cnet.com/8301-27080_3-10387768-245.html

The Microsoft Security Intelligence Report (v7) was released today and can be found here:
http://www.microsoft.com/security/portal/Threat/SIR.aspx

The McAfee press release along with report (PDF) can be found here:
http://newsroom.mcafee.com/article_display.cfm?article_id=3591

-Urs

The Windows 7 security story has three main chapters that have received a fair amount of attention: DirectAccess, BitLocker To Go, and AppLocker. With these, as well as features such as BranchCache and enhancements to UAC (user account control), officials at Microsoft have said they feel they are pushing out their most secure operating system yet.

http://www.eweek.com/c/a/Security/Windows-7-Security-Story-May-Appeal-to-Enterprises-549002/

-Urs

EMET, short for Enhanced Mitigation Evaluation Toolkit, allows developers and administrators to add specific security protections to applications. Unlike mitigations released in the past, EMET doesn't require programs to be recompiled, so it can be used to fortify applications even when the source code isn't available.

http://blogs.technet.com/srd/archive/2009/10/27/announcing-the-release-of-the-enhanced-mitigation-evaluation-toolkit.aspx

-Urs

Cyber criminals have found a new launching pad for their scams: the phone systems of small- and medium-sized businesses across the U.S.

In recent weeks, they have hacked into dozens of telephone systems across the country, using them as a way to contact unsuspecting bank customers and trick them into divulging their bank account numbers and passwords.

http://www.computerworld.com/s/article/9140018/Internet_phone_systems_become_the_fraudster_s_tool

-Urs

Yes it does, at least according to a recently released report [PDF] by the Business Software Alliance (BSA) which basically correlates data on the known piracy rates for particular countries and their malware infection rates, using public sources.

http://blogs.zdnet.com/security/?p=4605&tag=col1;post-4605

Report: http://global.bsa.org/internetreport2009/2009internetpiracyreport.pdf

Urs

If you purchased a brand new computer today with all the latest security software and plug it into the Internet, how long would it be before the first hacker probed it?
Answer : About four hours...

http://www.newsfactor.com/story.xhtml?story_id=12100CEDYE09

Probing? 4 hours? I attached lately a new FW to my ISPs network, it took less than ONE minute until the first knocked on the wall! ;-)
However, the interesting fact would be, how strong such a new machine with all the latest (security) software installed would remain unhacked!?!

Knowing that you can get hacked (sorry, probed) every day, why are still so many products open by default? No initial passwords, disabled by default, not locked down by default, etc., etc., etc.

-Urs

With shopping and banking transactions occurring primarily online today, password stealing has become a common cyber crime. Whatever the vector of attack, in many cases some sort of password-stealing malware makes its way onto victims’ computers.

McAfee Research Report: http://www.mcafee.com/us/local_content/reports/6622rpt_password_stealers_0709_en.pdf

Some suggestions for creating strong passwords:
http://www.microsoft.com/protect/fraud/passwords/create.aspx
(This btw. is on our new Online Saftey page - go and have a look!)

-Urs

The U.S. continues to dominate as the main source of the world's viruses, producing 15.9 percent of all viruses. It is followed closely by Brazil, which produces 14.5 percent (similar levels to last month's 14.1 percent).

You can see more about virus trends from the Microsoft Security Intelligence Report:
http://www.microsoft.com/security/portal/Threat/SIR.aspx

Urs

A Virginia woman discovered that her married boyfriend had other girlfriends, and she decided to seek revenge online. According to federal prosecutors, she hired computer hackers to help.

Elaine Cioni paid hackers $100 [U.S] for the password to her boyfriend’s AOL e-mail account, according to prosecutors, and for an extra $100, she received the e-mail passwords of her boyfriend’s wife, children and one of his girlfriends.

No one had a clue she had access.

The Washington Post recently reported that she was caught only after she started making harassing phone calls to her boyfriend and his family. (She used an online “spoofing” system that disguised her voice.)

Convicted of violating federal law, she is serving a 15-month prison sentence.

;-)

Urs

The Security Development Lifecycle (SDL) team at Microsoft released two security testing tools.

BinScope Binary Analyzer
BinScope is a Microsoft verification tool that analyzes binaries on a project-wide level to ensure that they have been built in compliance with Microsoft’s Security Development Lifecycle (SDL) requirements and recommendations.
http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=90e6181c-5905-4799-826a-772eafd4440a

MiniFuzz File Fuzzer
MiniFuzz is a very simple fuzzer designed to ease adoption of fuzz testing by non-security people who are unfamiliar with file fuzzing tools or have never used them in their current software development processes.
http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=b2307ca4-638f-4641-9946-dc0a5abe8513

Urs

SANS released the "Top Cyber Security Risks" report which covers March-August 2009. The report features attack data from TippingPoint intrusion prevention systems protecting 6,000 organizations, vulnerability data from 9,000,000 systems compiled by Qualys, and additional analysis and tutorial by the Internet Storm Center and key SANS faculty members.

http://www.net-security.org/secworld.php?id=8091

Urs

Simply visiting one of the "Top 100 Dirtiest" Web sites - without downloading or even clicking anything - could expose your computer to infection and put your personal information into the hands of criminals, anti-virus software company Norton Symantec said.

http://www.smh.com.au/technology/technology-news/top-100-virusinfected-websites-exposed-20090820-erc8.html

Urs

Computer scientists in Japan say they've developed a way to break the WPA encryption system used in wireless routers in about one minute.

Last November, security researchers first showed how WPA could be broken, but the Japanese researchers have taken the attack to a new level, according to Dragos Ruiu, organizer of the PacSec security conference where the first WPA hack was demonstrated. "They took this stuff which was fairly theoretical and they've made it much more practical," he said...

http://www.thestandard.com/news/2009/08/26/new-attack-cracks-common-wi-fi-encryption-minute

Urs