Microsoft Security Compliance Manager 2 ready for download

If you are a regular reader of my blog, you should know the Security Compliance Manager (if you are not, you should become a regular reader of my blog ). Version 2 of the Microsoft Security Compliance Manager (SCM 2) is now available for download. If you do not know it, this is the way…


EMET–Protection Against Zero-Days

The Enhanced Mitigation Experience Toolkit  is definitely not new but I recently realized that not too many people know about it – and they should. EMET helps you to raise your shields against zero-days and any exploit in the wild. I do not say that it is a silver bullet but it is definitely going…


Moving from Linux to Windows

I know, that’s the second time now I am doing this comparison thingy and I promise that I will stop again and deliver you a cool tool as the next post but I read this article: Why I’ve finally had it with my Linux server and I’m moving back to Windows – be sure that…


Comparing Windows Phone 7 and iPhone

Well, I have to admit – I am biased. I never used an iPhone in my life and based on my experience with my iPod, I hope I never have to, but who knows. I really do not like the UI which – to me – is everything but user friendly and the worst thing…


Another Cyberwarfare School–better keep them employed!

A lot of countries are currently looking at their capabilities to defend their networks as well as leveraging technology for offense doing “Cyberwarfare”. Let’s now not debate where this starts or ends… Pakistan is another example: Pakistan to open cyber warfare school I can understand where governments and militaries are coming from but this deeply…


Using the Microsoft Diagnostics and Recovery Toolset (DaRT) for Incident Response

A few years ago I posted on DaRT after having seen it: Microsoft Diagnostics and Recovery Toolset. It is a really good an interesting tool for a lot of problems, one of them being incident response. I just stumbled across one article describing this: Using the Microsoft Diagnostics and Recovery Toolset (DaRT) for Incident Response….


VeriSign to Take Down Malware Sites?

This is actually an interesting approach: VeriSign Proposes Takedown Procedures and Malware Scanning for .Com. This leads to the discussion I have so often: What is more important? The single website or the greater good? Now, do not get me wrong: I see the risks of VeriSign taking down because a blog hosted there…


German’s Government-Created Trojan Vulnerable

It is not that rare for Law Enforcement that they use software to spy in the case of severe accusations like terrorism. What is kind of surprising is the level of sophistication some of these Trojans seem to have – and not necessarily to the good side. The German Chaos Computer Club analyzed the Trojan…


Why Patents are not here to be violated: Google’s challenges with Android

Interesting: Microsoft takes the Android profit, the Wonkas take the pain I quote: Yet Android costs Google billions, without drawing revenue. Microsoft is making half a billion a year from Android. The settlement with Oracle, when it eventually comes, will add even more costs to working with Android – for anyone who dabbled with it….


Hackers using QR Codes to Push Malware

Always something new… As these kinds of codes are mainly used on mobile phones (or only used on mobile phones) the malware actually addresses smartphones “only” – in this case Android: Hackers using QR codes to push Android malware. If you use a code such as this (source: ZDnet Article referenced): You will be redirected…