Autorun malware used to be kind of a big deal around here. Worms that jump directly from removable media such as USB drives as soon as they are connected to a PC can cause some major trouble, spreading quickly through a network. Microsoft made a change to newer versions of Windows that disables the autorun[…]
Browsing Category: Microsoft
Microsoft and Adobe released their monthly security updates and patches. Microsoft also announced enhancements to its certificate-handling infrastructure.
Calling it the company’s “most aggressive” botnet operation operation to date, Microsoft provided details early Wednesday evening regarding a massive disruption of the Citadel botnet.
REDMOND, Wash.–If one were to draw up a list of the most challenging jobs in the technology industry, chief privacy officer at Microsoft likely would be pretty near the top of it. For a company with the size and scope of Microsoft, the volume of potential privacy issues is nearly endless, and if someone is calling you for help, something has probably gone wrong.
The Microsoft Digital Crimes Unit has been spearheading botnet takedowns and other anti-cybercrime operations for many years, and it has had remarkable success. But the cybercrime problem isn’t going away anytime soon, so the DCU is in the process of building a new cybercrime center here, and soon will roll out a new threat intelligence service to help ISPs and CERT teams get better data about ongoing attacks.
REDMOND, Wash.–Cybercrime has developed in the last few years into a major concern, not just for the consumers and businesses that are victims, but also for governments around the world. Obama administration officials have called it one of the larger threats to the United States economy. While law enforcement agencies handle the investigative and prosecutorial[…]
Microsoft’s May 2013 Patch Tuesday security updates include patches for the IE 8 zero day at the heart of the Department of Labor watering hole attacks.
Microsoft later this month will release a new version of its EMET protection tool, and this iteration will include a certificate pinning feature that will enable users to associate a specific certificate with a given certificate authority. The feature is designed a defense against man-in-the-middle attacks that use forged certificates to redirect users or intercept protected traffic.
Microsoft released a Fix It temporary mitigation for a zero-day vulnerability in Internet Explorer 8 that was used in a watering hole attack against the U.S. Department of Labor’s website.
Four months after he was arrested in Thailand, a man suspected of being one of those running the SpyEye botnet appeared in court late last week in Atlanta to answer charges that he was part of the crew using the malware to steal millions of dollars from victims worldwide. Hamza Bendelladj was indicted in late 2011[…]