December 2008 - Posts

Spying on Smartphones
I was recently at an event for Law Enforcement where one of the discussion points was how critical it is to protect Smartphones – actually it was more about how easy to would be to claim that my Smartphone was hacked and how proof can be found. That you Read More...
Posted 26 December 08 05:04 by rhalbh | 1 Comments   
Filed under , ,
SQL Injection – again?
This week I had – again – a longer mail thread on SQL Injection attacks. Probably it caught me at the wrong moment, as it was a very long week preparing for the IE Out of Band making sure everybody knows what they have to do. And then… I was actually Read More...
Posted 22 December 08 01:04 by rhalbh | 1 Comments   
Filed under , ,
Stealing the Empire State Building in 90 Minutes
You do not trust e-Business? Why do you trust “normal” business then? Read this: Newspaper 'Steals' Empire State Building in Just 90 Minutes Roger Read More...
Posted 18 December 08 05:58 by rhalbh | 0 Comments   
Filed under ,
Internet Explorer Security Update Ready
Go out there and install the update immediately now. Here is the bulletin: MS08-078 - Security Update for Internet Explorer (960714) If you think that you could be infected, run a scan with the online Windows Life OneCare Safety scanner which finds the Read More...
Posted 17 December 08 08:10 by rhalbh | 1 Comments   
Filed under
IMPORTANT: IE Vulnerability: Out of Band Release Scheduled for Tomorrow
Just as a short notice: We just started to communicate that we will release a security update for the Internet Explorer vulnerability. At the moment, the update is schedule to be released approx 10:00 am PST (19:00 CET) tomorrow. Have a look at the Advanced Read More...
Posted 16 December 08 08:39 by rhalbh | 1 Comments   
Why you should clean your devices before selling them
Outch: McCain campaign sells unwiped Blackberry for $20 Roger Read More...
Posted 16 December 08 01:53 by rhalbh | 0 Comments   
Filed under
Videos about the latest Security Development Lifecycle
I know that this is not particularly news but nevertheless it could well be that the non-developers out there have not yet seen this. During TechEd EMEA for Developers we announced several things around SDL and had some speeches. Some of them are public Read More...
Posted 15 December 08 07:42 by rhalbh | 1 Comments   
Filed under , , ,
Vulnerability in Internet Explorer Could Allow Remote Code Execution
You know that I rarely blog on Advisories we publish unless they are heavily critical. I just want to make sure that you have seen this. MSRC (the Microsoft Security Response Center) constantly updates this advisory with workarounds. Please take this Read More...
Posted 13 December 08 01:32 by rhalbh | 4 Comments   
Filed under
Privacy Video Competition
On January 28th the European Union is holding the Data Protection Day . To prepare for that, they are holding a competition for young people from 15 to 19 to express their views about online privacy. Here is the teaser: Surf the net – Think privacy! So, Read More...
Posted 11 December 08 10:07 by rhalbh | 0 Comments   
Filed under ,
Europol High Tech Crime Experts Meeting 2008
I recently had the great opportunity to join the Europol High Tech Crime Experts Meeting 2008 in Den Haag. This is mainly a get together of the High Tech Crime leads of the EU Law Enforcement agencies and countries where they have a close relationship Read More...
Posted 11 December 08 01:22 by rhalbh | 0 Comments   
Filed under , ,
Important Privacy Announcement
I  wanted to make you aware of a very important announcement we made earlier today. As you know, Trustworthy Computing is all about Security,  Reliability and Business Practices. Our house has a fourth pillar -  Privacy - which we view Read More...
Posted 09 December 08 07:54 by rhalbh | 4 Comments   
Filed under , ,
Never Leave your PC Unlocked (or have additional protection)
Read More...
Posted 08 December 08 01:29 by rhalbh | 0 Comments   
Filed under
Is there a Botnet building on MS08-067 exploits?
There are a lot of reports on a Botnet building on the back of exploits targeting MS08-067: New Windows worm builds massive botnet MS08-067 Vulnerability: Botnets Reloaded Bots exploiting Microsoft's latest RPC flaw Exploit-MS08-067 Bundled in Commercial Read More...
Posted 07 December 08 10:49 by rhalbh | 0 Comments   
Filed under , , ,
Security and Piracy – a Correlation?
I am working on a blog post on Security and Piracy looking into the data I have available. Probably it will be ready next week but what I wanted to know: Is there anybody who did some research about this already? I would appreciate if you could let me Read More...
Posted 07 December 08 09:37 by rhalbh | 2 Comments   
Filed under ,
98% unpatched – and I am one of them :(
Well, you saw my post earlier this week on the 1.96% of PCs being updated according to Secuina . Well, as time does, I decided to install this tool as well to look at it. I did an initial scan on my home PC and this was the outcome: Outch, this hurts Read More...
Posted 05 December 08 03:57 by rhalbh | 4 Comments   
Filed under ,
Only 1.91% of PCs are patched!
Well, honestly, I am not completely clear how statistically relevant this data point is. I just read it in a secunia blog where they published figures of users of their free solution. This is data of the last few weeks and looks into the results of the Read More...
Posted 04 December 08 05:59 by rhalbh | 0 Comments   
Filed under , ,
EMC/RSA and Microsoft: Partnership Announcement
I am more than pleased to inform you that we announced today a partnership between EMC/RSA and us . This partnership involves the integration of EMC/RSA technology into our platform. I quote from our press release: Microsoft will build the RSA® Data Loss Read More...
Posted 04 December 08 05:53 by rhalbh | 0 Comments   
Filed under ,
Article was Bogus: Do Mac Users not need Anti-Virus Protection?
Today I was having a discussion with a religious Mac fan claiming that the only problem with security on the Internet is Windows and then I read this article on ZDNet: Despite what blogs (and Apple) say, Macs will eventually have malware In there it is Read More...
Posted 04 December 08 08:48 by rhalbh | 2 Comments   
Filed under , ,
Apple Recommends Running Multiple AV Engines
This is an interesting thing: I just read this post on ZDNet . The blamed us for being the key target for viruses and they always told me that they do not have a security problem. I am convinced that there is no software product having no security vulnerabilities Read More...
Posted 03 December 08 06:45 by rhalbh | 1 Comments   
Filed under , ,
Technology in the Mumbai Attacks
One of the questions I often get is my position on Cyber-Terrorism. I doubt that there will be “isolated” technology-related terrorism. What we see much more is the use of high-tech during classical terrorism attacks. If you look at the recent terrorism Read More...
Posted 02 December 08 10:10 by rhalbh | 2 Comments   
Filed under ,
Some Thoughts on our Anti-Malware Strategy
You will definitely have heard that we change our Anti-Malware Strategy: We recently announced that we will stop selling Windows Live OneCare and that we will launch a quality no-cost solution code-name “Morro”. There was quite some coverage on that but Read More...
Posted 01 December 08 10:57 by rhalbh | 1 Comments   
Bitlocker now FIPS 140-2 Certified for Windows Vista SP1 and Windows Server 2008
Just a quick one: We received the FIPS 140-2 certification for Bitlocker in Windows Vista SP1 and Windows Server 2008. The certificates were posted on the CMVP website on November 25th. The Security Policy Document along with the certificates can be viewed Read More...
Posted 01 December 08 08:54 by rhalbh | 0 Comments   
Filed under ,

Search

This Blog

Chat directly with me if you want. Go to my About page to find a web messenger!

Visit ourPhoto Gallery

Locations of visitors to this page

Rogers Security Blog at Blogged Add to Technorati Favorites

Syndication

Page view tracker