Dennis Fisher and Mike Mimoso talk about the year that was in the security industry, including the last six months of NSA drama, the Microsoft bug bounty program, exploit sales and attacks against major banks.
Browsing Tag: Microsoft
Windows Error Reporting crash reports are sent unencrypted to Microsoft and contain a wealth of system and application information that can be exploited not only by hackers but government agencies to fingerprint machines for compromise.
Microsoft claims that Turkish machines encounter more malware than computers in any other country in the world.
Microsoft said the botmasters behind ZeroAccess have abandoned the peer-to-peer botnet less than a month after Microsoft and law enforcement disrupted its click-fraud operation.
While Microsoft patched five critical vulnerabilities today, including the GDI+ zero day, experts urge a close look at an “important” patch addressing an ASLR bypass.
Microsoft account holders will soon be able to monitor recent log-in activity, generate a recovery code, and better manage security notifications.
Microsoft’s takedown of the ZeroAccess botnet wasn’t a complete success. Experts point out that Microsoft targeted only the money-making aspects of the botnet, and that its communication protocol was untouched.
Microsoft’s crusade against botnets raged on yesterday as the Redmond, Washington-based computer giant and a coalition of law enforcement agencies and Internet security companies disrupted the notorious ZeroAccess botnet.
Microsoft’s advanced notification of its December 2013 Patch Tuesday security updates includes a patch for the TIFF zero day. Microsoft will release 11 bulletins, five of the critical.
Microsoft is taking a number of steps to try and reassure customers about the integrity of the company’s offerings and to greatly expand the use of encryption across its services.