• Two Important Changes Today to Our Bulletin Process

    Today is the day! At Blackhat in August we announced two significant changes to our bulletin release process and today it is the first time this actually kicks in. Just to recapitulate: What did we change? We introduced the Microsoft Active Protections...
  • Hacker arrested for Video Giving Tips for ATM Skimmers

    It will be interesting how you see it. When I blogged on Suspended Jail for Hacking Tutorial in France , I got quite some negative feedback like “do you have nothing better to do than to go after these guys”, “why should it be illegal to publish such...
  • Deploying IPsec Server and Domain Isolation using Windows Server 2008 Group Policy

    As you know (at least I hope that you do) we introduced Network Access Protection with Windows Server 2008. Thomas Shinder now published an article on WindowsSecurity.com about how to implement NAP and IPSec and Domain Isolation via Group Policies. It...
  • Once Again: A Scam using Microsoft’s Name to Install Malware

    It happens pretty often but this time it seems to be wider spread then normal as our traffic with regards to this issue is higher than usual: There is a mail circulating pretending that it is coming from Steve Lipner here at Microsoft telling you to install...
  • Microsoft Security Assessment Tool v4.0 available

    I already blogged a few times on MSAT (the Microsoft Security Assessment Tool). We just released a new version for it, version 4. For those of you who do not know MSAT: MSAT is a free (stress: free) Risk Assessment Tool mainly targeted a Small and...