• Cybersecurity Today: The Wild, Wild West

    If you purchased a brand new computer today with all the latest security software and plugged it into the Internet, how long would it be before the first hacker probed it?
    Answer: About four hours...

    http://www.newsfactor.com/story.xhtml?story_id=12100CEDYE09

    Probing? 4 hours? I recently attached a new FW to my ISP's network, and it took less than ONE minute until the first one knocked on the wall! ;-)
    However, the interesting fact would be how long such a new machine, with all the latest (security) software installed, would remain unhacked!?!

    Knowing that you can get hacked (sorry, probed) every day, why are so many products still open by default? No initial passwords, disabled by default, not locked down by default, etc., etc., etc.

    -Urs


     

  • Inside the Password-Stealing Business: The Who and How of Identity Theft

    With shopping and banking transactions occurring primarily online today, password stealing has become a common cyber crime. Whatever the vector of attack, in many cases some sort of password-stealing malware makes its way onto victims’ computers.

    McAfee Research Report: http://www.mcafee.com/us/local_content/reports/6622rpt_password_stealers_0709_en.pdf

    Some suggestions for creating strong passwords:
    http://www.microsoft.com/protect/fraud/passwords/create.aspx
    (This, btw, is on our new Online Safety page - go and have a look!)

    -Urs


     

  • Where in the World do Viruses come from?

    The U.S. continues to dominate as the main source of the world's viruses, producing 15.9 percent of all viruses. It is followed closely by Brazil, which produces 14.5 percent (similar levels to last month's 14.1 percent).

    You can see more about virus trends from the Microsoft Security Intelligence Report:
    http://www.microsoft.com/security/portal/Threat/SIR.aspx

    Urs


     

  • Hacking Your Life (oh oh...)

    A Virginia woman discovered that her married boyfriend had other girlfriends, and she decided to seek revenge online. According to federal prosecutors, she hired computer hackers to help.

    Elaine Cioni paid hackers $100 [U.S.] for the password to her boyfriend’s AOL e-mail account, according to prosecutors, and for an extra $100, she received the e-mail passwords of her boyfriend’s wife, children and one of his girlfriends.

    No one had a clue she had access.

    The Washington Post recently reported that she was caught only after she started making harassing phone calls to her boyfriend and his family. (She used an online “spoofing” system that disguised her voice.)

    Convicted of violating federal law, she is serving a 15-month prison sentence.

    ;-)

    Urs


     

  • Microsoft SDL team releases new security tools

    The Security Development Lifecycle (SDL) team at Microsoft released two security testing tools.

    BinScope Binary Analyzer
    BinScope is a Microsoft verification tool that analyzes binaries on a project-wide level to ensure that they have been built in compliance with Microsoft’s Security Development Lifecycle (SDL) requirements and recommendations.
    http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=90e6181c-5905-4799-826a-772eafd4440a

    MiniFuzz File Fuzzer
    MiniFuzz is a very simple fuzzer designed to ease adoption of fuzz testing by non-security people who are unfamiliar with file fuzzing tools or have never used them in their current software development processes.
    http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=b2307ca4-638f-4641-9946-dc0a5abe8513

    Urs