Mitigating Pass the Hash Attacks

In the recent months, we have seen more and more targeted attacks towards our customers. A lot of them use a technique called Pass the Hash. This made us publishing a paper, which explains Pass the Hash but much more important shows some fairly simple to implement mitigations against this type of attack. As they…

0

Kaspersky Lab: Microsoft software products pretty darn secure

What a statement! The last time I was on a panel with Eugene Kaspersky, he told us that the world will end and the only way to prevent this from happening is a new really secure OS (and they have one…). And now, I read such statement: Microsoft products no longer feature among the Top…

0

Two Papers on Current Issues

Trustworthy Computing just released two papers on current issues: Determined Adversaries and Targeted Attacks Whitepaper This paper shares Microsoft’s insights into the threat that Determined Adversaries and Targeted Attacks pose, identifies challenges for organizations seeking to combat this threat category and provides a context for other papers that will directly address each of those. http://www.microsoft.com/en-us/download/details.aspx?id=34793…

0

The Future of Crime

You should spend 15 minutes on this TED talk – really worth it!! https://youtu.be/7_OcyWcNi_Y Roger

0

Security Lessons from Star Wars

Exactly the right article for a weekend: May the (En)Force(ment) Be With You – Security Lessons from Star Wars From applying security policies to DLP and effective user authentication, there are many infosecurity lessons to be learned from the classic space opera. Terry Greer-King of Check Point shows how companies can avoid the Empire’s mistakes…

1

New Consumerization of IT Test Lab Guide: Hyper-V Windows 8 corporate virtual machine on personal computer"

Out friends in France are currently working intensively on Test Lab Guides for Consumerization of IT. The next one was just released: New Consumerization of IT Test Lab Guide: Hyper-V Windows 8 corporate virtual machine on personal computer” This is the overview: Thinking about Consumerization of IT (CoIT) necessarily leads to some security and management…

0

Paper: Information Protection and Control (IPC) in Office 365 Preview with Windows Azure AD Rights Management

As you know, protecting your information in the cloud is key. We just published a paper called Information Protection and Control (IPC) in Office 365 Preview with Windows Azure AD Rights Management. Here is the summary: Due to increased regulation, the Consumerization of IT (CoIT) and the “Bring Your Own Device” (BYOD), the explosion of…

1

Security Implications of Pirated Software

A while ago, when I was travelling a journalist told me that he never pays for our software as he can easily download a tool to crack Windows XP (he was still running XP). We had an interesting discussion afterwards (besides the fact that he showed me how he steals our goods) about security. He…

2

How to secure your Facebook account

I think that this is actually a fairly good overview of the privacy settings on Facebook and how you should set them: How to secure your Facebook account Roger

0

Hacking on the plane: who has jurisdiction?

Wow, that’s an interesting question: Let’s say a Canadian flies from New York to Tokyo on Korean Air and hacks the German tourist’s computer seated in front of her while over the Pacific. Who’s laws apply? (Canada, US, Japan, Korea, Germany?) I mean, we have a hard time answering this question if everybody is grounded…

5