Internet Security

Microsoft Security Intelligence Report Volume 12 Released

by certifiedbug on April 25, 2012

in Microsoft

Microsoft Security Blog

Today we released the latest volume of the Microsoft Security Intelligence Report (SIR) containing a large body of new data and analysis on the threat landscape. This volume of the SIR includes:Latest industry vulnerability disclosure trends and analysis

  • Latest industry vulnerability disclosure trends and analysis
  • Latest data and analysis of global vulnerability exploit activity
  • Latest trends and analysis on global malware and potentially unwanted software
  • Latest analysis of threat trends in more than 100 countries/regions around the world
  • Latest data and insights on how attackers are using spam and other email threats
  • Latest global and regional data on malicious websites including phishing sites, malware hosting sites and drive-by download sites

In addition, we have included a section in the report focused on how the threat called Conficker continues to propagate.

http://blogs.technet.com/b/security/archive/2012/04/25/microsoft-security-intelligence-report-volume-12.aspx

{ 0 comments }

Microsoft Security Intelligence Report (SIR) Volume 11

by certifiedbug on October 18, 2011

in Microsoft

Microsoft Security Intelligence Report
Analysis from January to June 2011.

Volume 11 of the Microsoft® Security Intelligence Report (SIRv11) provides in-depth perspectives on software vulnerabilities and exploits, malicious code threats, and potentially unwanted software in Microsoft and third-party software. Microsoft developed these perspectives based on detailed trend analyses over the past several years, with a focus on the first half of 2011.
This document summarizes the key findings of the report. The full report also includes deep analysis of trends found in more than 100 countries/regions around the world and offers ways to manage risks to your organization, software, and people.

Zeroing in on Malware Propagation Methods
Worldwide Threat Intelligence
Vulnerability Disclosures
Exploits
Document Exploits
Malware and Potentially Unwanted Software
Operating System Infection Rates
Threat Families and Categories
Enterprise Threats
Email Threats
Malicious Websites

Download the report: Security Intelligence Report (SIR) Volume 11 [PDF]

Download library has earlier SIR volumes.

{ 0 comments }

Microsoft: Rustock Civil Case Closed

by certifiedbug on September 22, 2011

in Microsoft

The Official Microsoft® Blog

Rustock Civil Case Closed: Microsoft Refers Criminal Evidence to FBI
22 Sep 2011

As you may have read in this morning’s edition of CNET, on Sept. 13th, Judge James L. Robart, of the U.S. District Court for the Western District of Washington ruled that the domain names and Internet protocol addresses used to host the botnet would be effectively removed from the defendants’ control. This case not only enabled the take down of a botnet known to be one of the single largest sources of spam on the Internet, but it is now helping to ensure that this botnet will never be used for cybercrime again. However, we’re not stopping here.

We are also turning over all of the evidence we collected during discovery and our investigation to the FBI, to help ensure those responsible for operating the Rustock botnet are held accountable for their actions. It is important to note that Microsoft ‘s $250,000 reward offer for information that leads to the arrest and conviction of Rustock’s operators remains in effect, but now any tips should be sent directly to the FBI at MS_Referrals@ic.fbi.gov.

Article:
http://blogs.technet.com/b/microsoft_blog/archive/2011/09/22/rustock-civil-case-closed-microsoft-refers-criminal-evidence-to-fbi.aspx

Certifiedbug, July 18, 2011. Microsoft Offers $250,000 Reward for Information on Rustock

{ 0 comments }

Scareware Industry lull

by certifiedbug on August 3, 2011

in Scareware Rogues

Another great article from Brian Krebs.

Fake Antivirus Industry Down, But Not Out

Many fake antivirus businesses that paid hackers to foist junk security software on PC users have closed up shop in recent weeks. The wave of closures comes amid heightened scrutiny by the industry from security experts and a host of international law enforcement officials. But it’s probably too soon to break out the bubbly: The inordinate profits that drive fake AV peddlers guarantee the market will soon rebound.

http://krebsonsecurity.com/2011/08/fake-antivirus-industry-down-but-not-out/

{ 0 comments }

Web redirector malware

August 2, 2011

July MSRT on web redirector malware Microsoft Malware Protection Center This month, we added Win32/Tracur and Win32/Dursg, two of the most prevalent pieces of malware belonging to the category of ‘web redirectors’, to our Malicious Software Removal Tool (MSRT). After just over two weeks in release, we have early numbers on our success in detecting [...]

Read the full article →

Microsoft Offers $250,000 Reward for Information on Rustock

July 18, 2011

The Official Microsoft Blog Posted by Richard Boscovich Senior Attorney, Microsoft Digital Crimes Unit 18 Jul 2011 Last month, I shared with you that the Rustock botnet has remained inactive since Microsoft and its partners took it offline on March 16th. Today, we take our pursuit a step further. After publishing notices in two Russian [...]

Read the full article →

Microsoft-New Threat Data on Rustock

July 6, 2011

Since successfully taking down the Rustock botnet on March 16th, Microsoft has continued to analyze the threat, investigate leads on the operations and owners of the botnet and work with Community Emergency Response Teams (CERTs) and Internet Service Providers (ISPs) worldwide to help the legitimate owners of Rustock-infected computers to clean their computers of malware. [...]

Read the full article →

Microsoft: 10 Immutable Laws Revisited

June 9, 2011

Microsoft TechNet. Version 2.0 Ten years ago, Microsoft penned the “Ten Immutable Laws of Security,” which debuted on TechNet. It was written before the rise of – among other technologies and trends – cloud computing, social networking, widespread smartphone adoption, and Windows XP, to name but a few landmarks along the way. Did a decade [...]

Read the full article →

Microsoft Advisory-Fraudulent Digital Certificates Could Allow Spoofing

March 23, 2011

Microsoft Security Advisory (2524375) Published: March 23, 2011 Microsoft is aware of nine fraudulent digital certificates issued by Comodo, a certification authority present in the Trusted Root Certification Authorities Store on all supported versions of Microsoft Windows. Comodo advised Microsoft on March 16, 2011 that nine certificates had been signed on behalf of a third [...]

Read the full article →

Joint effort brings down Rustock Botnet

March 17, 2011

Microsoft On The Issues 17 Mar 2011 This operation, known as Operation b107, is the second high-profile takedown in Microsoft’s joint effort between DCU, Microsoft Malware Protection Center and Trustworthy Computing – known as Project MARS (Microsoft Active Response for Security) – to disrupt botnets and begin to undo the damage the botnets have caused [...]

Read the full article →

← Previous Entries