The Latest Picture of the Threat Landscape in the European Union – part 3

In part 1 of this series on the threat landscape in the European Union (EU) I discussed the encounter rates (ER) and infection rates (CCM) among EU countries/regions, diving a little deeper into the locations with the highest malware encounter rates and infection rates. In part 2 I discussed the locations in the EU with the lowest ERs and CCMs, as well as the top threats found in the region … Read more »

The Latest Picture of the Threat Landscape in the European Union – part 2

In part 1 of this series on the threat landscape in the European Union (EU) I examined the encounter and infection rates among EU member countries/regions, focusing on a couple of the locations with highest malware encounter rates (ER) and infection rates (CCM). In part 2 of the series I’ll focus on the locations in the EU with the lowest ERs and CCMs, I’ll also examine the top threats found … Read more »

Governments recognize the importance of TPM 2.0 through ISO adoption

Earlier today, the Trusted Computing Group (TCG) announced in a press release the Trusted Platform Module (TPM) 2.0 Library Specification was approved by the ISO/IEC Joint Technical Committee (JTC) 1 and will be available later in the year as ISO/IEC 11889:2015. This landmark accomplishment is set to encourage worldwide adoption of the TPM 2.0, which is critical for improving trust in information technology products and services. TPM 2.0 builds on … Read more »

The Latest Picture of the Threat Landscape in the European Union – part 1

I had the opportunity to visit with some European based customers when I spoke at the RSA Unplugged conference in London just a few weeks ago. Many of the customers I met with were very interested in a deep dive into the types of threats we see in the region. I have written about the threat landscape in Europe and European Union (EU) extensively over the years, including the articles … Read more »

The Risk of Leaked Credentials and How Microsoft’s Cloud Helps Protect Your Organization

This week the Microsoft Identity and Security Services Division announced another new security report feature is now in preview that helps protect Azure Active Directory Premium customers from the risk associated with leaked credentials. The Risk of Leaked Account Credentials One scenario that has unfortunately become all too common is where account credentials are stolen in bulk by criminals through website breaches. Credentials are also unwittingly provided directly by the … Read more »

Latest data shows newer versions of Windows have lower malware infection rates than older versions

We released the latest volume of the Microsoft Security Intelligence Report last week. The latest data on how different versions of the Windows operating system are mitigating modern malware attacks suggests that newer versions are performing better than older versions. The figure below illustrates the malware infection rates for Windows client and server operating systems in the third and fourth quarters of 2014 based on data from hundreds of millions … Read more »

The life and times of an exploit

Just this week we released the latest Microsoft Security Intelligence Report that focuses on the threat landscape in the second half of 2014. The “featured intelligence” included in the new volume of the report examines the increased speed at which purveyors of commercial exploit kits are trying to take advantage of newly disclosed vulnerabilities, even in cases where security updates have been developed, released and deployed to hundreds of millions … Read more »

Mass vulnerabilities in Android applications spike industry vulnerability disclosures in 4th Quarter 2014

We have included data and analysis on industrywide vulnerability disclosures in the Microsoft Security Intelligence Report (SIR) for many years. We compile and analyze this information using vulnerability disclosure data that is published in the National Vulnerability Database (NVD) – the US government’s repository of standards-based vulnerability management data at nvd.nist.gov. The NVD represents all vulnerability disclosures that have a published Common Vulnerabilities and Exposures identifier (CVE). The vulnerability disclosure … Read more »

Latest Microsoft Security Intelligence Report Now Available

Volume 18 of the Microsoft Security Intelligence Report (SIR) is now available at http://microsoft.com/sir. This volume of the SIR focuses on the second half of 2014 and contains longer term trend data as well. SIR volume 18 contains data, insights and practical guidance on a range of global and regional cybersecurity threats including vulnerability disclosures, malware and unwanted software including the latest on Ransomware, malicious websites such as drive-by download … Read more »

A Week in The Hague: The Global Conference on Cyberspace (GCCS)

Cybersecurity experts from around the world recently gathered at the Global Conference on Cyberspace (GCCS) in The Hague. Over a thousand delegates from across the private sector, government and civil society attended the main conference, and many used the opportunity to promote practical cooperation in cyberspace, enhance capacity building and to discuss norms of state behavior in cyberspace. While such events are easily dismissed, I came away from the conference … Read more »