Browse by Tags

All Tags » Cybercrime » Incidents   (RSS)
Distributed Denial of Service – and how it works
I often get asked about Distributed Denial of Service (DDoS) attacks, how it works and what role we can play to prevent them. So, let me start with the first part of it: Our Security Intelligence Report version 5 talked about the underground economy and Read More...
Posted 08 July 09 01:30 by rhalbh | 0 Comments   
Filed under ,
How much does a lost Laptop cost?
I stumbled upon this study today commissioned by Intel and executed by Ponemon. They key findings were: The average value of a lost laptop is $49,246. This value is based on seven cost components: replacement cost, detection, forensics, data breach, lost Read More...
Posted 27 April 09 02:14 by rhalbh | 1 Comments   
Filed under , ,
Finjan reports world's largest Botnet
digg_url = "http://blogs.technet.com/rhalbheer/archive/2009/04/24/finjan-reports-world-s-largest-botnet.aspx";digg_title = "Finjan reports world\'s largest Botnet";digg_bgcolor = "#555555";digg_skin = "normal"; digg_url = undefined;digg_title = undefined;digg_bgcolor Read More...
Posted 24 April 09 11:45 by rhalbh | 0 Comments   
Filed under , ,
Security Intelligence Report: “Scareware” on the Raise
You know that we release our Security Intelligence Report twice an year: Today Version 6 is due. Let me try to give you an overview of the “highlights” of the report from my point of view: As I wrote in the title and as I blogged about this summer ( „Scareware“ Read More...
Posted 08 April 09 08:50 by rhalbh | 2 Comments   
Filed under , , , , ,
Additional Conficker Guidance
Yes, Conficker is far from being over. We still see a lot of infections. Therefore we decided to publish additional guidance for Conficker: Microsoft Conficker guidance page for IT Professionals and those focused on security in the enterprise: http://technet.microsoft.com/en-us/security/dd452420.aspx Read More...
Posted 07 February 09 11:42 by rhalbh | 0 Comments   
Filed under , ,
The Way to a Zero Day
No, sorry but this is not a tutorial I just read this blog post on Websense which is pretty interesting: The way to a zero-day Roger Read More...
Posted 05 February 09 09:10 by rhalbh | 0 Comments   
Filed under ,
After Estonia now Kyrgyzstan
There is definitely proof that during war times, armies add a virtual component to the “real life” war. Additionally we have seen the attacks to Estonia, where nobody really knew where they originated from (I do not mean the country but whether a government Read More...
Posted 30 January 09 01:49 by rhalbh | 0 Comments   
Filed under , ,
Comments on US-CERTs Advisory on Auto-Run
You might have seen the advisory of the US-CERT titled Microsoft Windows Does Not Disable AutoRun Properly – if not, you will definitely have seen one of the articles covering this issue and telling you that our advice on how to prevent Conficker is flawed. Read More...
Posted 22 January 09 03:41 by rhalbh | 3 Comments   
Filed under , ,
Russian Roulette with your Network
First of all, before I really start, I hope that you all had a great start in 2009. Mine was actually pretty mixed. The good side was, how my year really started and what I saw when I looked out the window at January 1st (yes, I was on vacation skiing Read More...
Posted 04 January 09 01:17 by rhalbh | 17 Comments   
Filed under , , , ,
Is there a Botnet building on MS08-067 exploits?
There are a lot of reports on a Botnet building on the back of exploits targeting MS08-067: New Windows worm builds massive botnet MS08-067 Vulnerability: Botnets Reloaded Bots exploiting Microsoft's latest RPC flaw Exploit-MS08-067 Bundled in Commercial Read More...
Posted 07 December 08 10:49 by rhalbh | 0 Comments   
Filed under , , ,
Attacks on MS08-067
As we were pushing on our Out-of-Band release earlier this month we tried to make you understand that immediate deployment is needed as the vulnerability is high risk. Otherwise we would not have gone out of band… Interestingly enough, we have not seen Read More...
Posted 26 November 08 02:09 by rhalbh | 0 Comments   
Filed under , , , , ,
Security Risks in the Supply Chain?
At the moment I am travelling through the Gulf in order to launch the Security Intelligence Report v5 with local data. During one of the discussions today, a question was raised which I was thinking about quite some while (but – honestly - do not have Read More...
Posted 24 November 08 04:40 by rhalbh | 3 Comments   
Filed under , , , ,
Risk of Outsourcing (and Security Outsourcing)
I am often asked about the risks of outsourcing (we often talk about processes, legal risks (e.g. Data Protection), etc.) – the list is very long. Today I read an article which touches a completely different issue: It is all about the security processes Read More...
Posted 30 October 08 10:56 by rhalbh | 2 Comments   
Filed under , , ,
H1 OS Desktop Vulnerability Report – Get It Now
You might know Jeff Jones' work on the different vulnerability reports comparing different products and vendors. Our goal is to understand and measure our progress and see where we stand with regards to the industry. Today, Jeff release his OS Desktop Read More...
Posted 27 October 08 03:05 by rhalbh | 3 Comments   
Filed under , , ,
Once Again: A Scam using Microsoft’s Name to Install Malware
It happens pretty often but this time it seems to be wider spread then normal as our traffic with regards to this issue is higher than usual: There is a mail circulating pretending that it is coming from Steve Lipner here at Microsoft telling you to install Read More...
Posted 10 October 08 07:01 by rhalbh | 0 Comments   
Filed under , ,
More Posts Next page »

Search

This Blog

Chat directly with me if you want. Go to my About page to find a web messenger!

Visit ourPhoto Gallery

Locations of visitors to this page

Rogers Security Blog at Blogged Add to Technorati Favorites

Syndication

Page view tracker