Jeff J. posted an article on Jeff Jones Security Blog - Feb 7, 2012, 12:36 pm
Phishing is a method of credential theft that tricks Internet users into revealing sensitive information, such as personal or financial information, online. Phishers use phony websites or deceptive email messages that mimic trusted businesses and brands...(read more)
Comment - Like

Jeff J. posted an article on Jeff Jones Security Blog - Feb 1, 2012, 12:27 pm
You might have heard that January 2012 marked the ten year milestone of Bill Gates’ now famous email that started Trustworthy Computing at Microsoft. This email resulted in many changes across the company that have cascaded over the years. I have worked...(read more)
Comment - Like

Jeff J. posted an article on Jeff Jones Security Blog - Jan 30, 2012, 7:08 pm
Last week the White House released its National Strategy for Global Supply Chain Security fact sheet. I found this to be a very important step forward in addressing one of the most complex challenges facing the United States, as well as, governments around...(read more)
Comment - Like

Jeff J. posted an article on Jeff Jones Security Blog - Jan 28, 2012, 1:47 am
  Trending Security News The week ended with some ruffled feathers as Twitter announced it would allow some content in certain countries to be censored. The New York Times headlined its coverage as “ Twitter Announces Micro-Censorship Policy ” while...(read more)
Comment - Like

Jeff J. posted an article on Jeff Jones Security Blog - Jan 20, 2012, 11:01 pm
  Trending Security News This week industry protests against the proposed Stop Online Piracy Act (SOPA) in the U.S. House of Representatives and the Protect IP Act (PIPA) in the Senate ended with both bills being pulled. MSNBC’s headline captured...(read more)
Comment - Like

Jeff J. posted an article on Jeff Jones Security Blog - Jan 13, 2012, 6:24 pm
  Trending Security News This week, Microsoft Trustworthy Computing marked its 10 year milestone and several news stories focused on learning lessons and contributions to security. Elinor Mills’ CNET article captured the sentiment: “ Microsoft security...(read more)
Comment - Like

Jeff J. posted an article on Jeff Jones Security Blog - Jan 12, 2012, 12:49 pm
I was not at Microsoft ten years ago this week, but the ten year milestone for Trustworthy Computing (TwC) has a lot of significance for me, given that I have spent most of that time working with people here at Microsoft to improve security and privacy...(read more)
Comment - Like

Jeff J. posted an article on Jeff Jones Security Blog - Jan 6, 2012, 9:46 pm
  Trending Security News The news this week had a science fiction style with reports that the Japanese Defense Ministry is nearing completion of a "seek-and-destroy" computer virus capable of disabling cyberattacks at their source. The...(read more)
Comment - Like

Jeff J. posted an article on Jeff Jones Security Blog - Jan 4, 2012, 3:27 am
The threat landscape in India has turned out to be more active than initially suspected. India has had a relatively low malware infection rate for some time, which seemed subdued for a region that has such a large high tech industry. But with the new...(read more)
Comment - Like

Jeff J. posted an article on Jeff Jones Security Blog - Dec 30, 2011, 8:10 pm
Trending Security News In August we started posting the Weekly Roundup to share trending security news from many viewpoints. Week by week the flow of news provides insights into the ever growing challenges faced in the global efforts to secure cyberspace...(read more)
Comment - Like

Jeff J. posted an article on Jeff Jones Security Blog - Dec 24, 2011, 1:51 pm
  Trending Security News Several stories this week in security focused on the U.S. Chamber of Commerce. The Wall Street Journal ran a story on China Hackers Hit U.S. Chamber of Commerce ; Network World’s coverage focused on Chinese hack on U.S. Chamber...(read more)
Comment - Like

Jeff J. posted an article on Jeff Jones Security Blog - Dec 16, 2011, 5:03 pm
Trending Security News The big news this week centered on how Iran managed to electronically intercept a U.S. spy drone (analysts suggest use of GPS spoofing), and cause it to land safely within the country. The Christian Science Monitor, in its article...(read more)
Comment - Like

Jeff J. posted an article on Jeff Jones Security Blog - Dec 15, 2011, 12:32 am
In a recent post, called The Curious Case of Qatar , I discuss how Qatar has the highest regional infection rate that we have ever reported. Prior to this the Republic of Korea had the highest malware infection rate in the world; back in July of this...(read more)
Comment - Like

Jeff J. posted an article on Jeff Jones Security Blog - Dec 12, 2011, 4:44 pm
In part one of this two-part series, I focused on how drive-by download attacks work. These attacks can be complicated because they can use multiple levels of redirection enabling components of an attack to be hosted on compromised systems in different...(read more)
Comment - Like

Jeff J. posted an article on Jeff Jones Security Blog - Dec 9, 2011, 4:51 pm
Trending Security News In our industry, we frequently talk about security concerns for applications and games, but this week television star Alec Baldwin brought a different twist to the discussion of “security concerns” when he wouldn’t stop playing...(read more)
Comment - Like

Jeff J. posted an article on Jeff Jones Security Blog - Nov 2, 2011, 11:59 am
I recently visited Brussels, where the European Union has its main base of operations. I had the opportunity to talk to numerous people there about the latest Microsoft Security Intelligence Report containing data and insights on the cyber-threats Microsoft...(read more)
Comment - Like

Jeff J. posted an article on Jeff Jones Security Blog - Oct 14, 2011, 7:47 pm
Trending Security News This week included the release of the Microsoft Security Intelligence Report (SIR) volume 11, which included some focused research to put “zero-day” exploits in context.  Dark Reading captured the essence of the research with...(read more)
Comment - Like

Jeff J. posted an article on Jeff Jones Security Blog - Oct 13, 2011, 2:10 pm
This week Business Roundtable (BRT) released its report Mission Critical: A Public-Private Strategy for Effective Cyber Security . Microsoft is an active participant in BRT and we believe this report includes key insights that can help inform and advance...(read more)
Comment - Like

Jeff J. posted an article on Jeff Jones Security Blog - Oct 10, 2011, 11:27 am
Today we released a large body of new data and analysis on the threat landscape in volume 11 of the Microsoft Security Intelligence Report (SIRv11) . This volume of the SIR is the largest and most in-depth report on threats that we have ever developed...(read more)
Comment - Like

Jeff J. posted an article on Jeff Jones Security Blog - Oct 6, 2011, 1:03 pm
The product of human ingenuity and innovation, cyberspace now delivers a range of critical services to more citizens around the world than ever before. Yet, the online world as we know it stands at the threshold of unprecedented change. Being invited...(read more)
Comment - Like

Jeff J. posted an article on Jeff Jones Security Blog - Sep 28, 2011, 12:00 pm
Over the past few years there has been a lot of concern about “advanced persistent threat” and targeted attacks such as “spear-phishing” and “whaling”. In my discussions with security professionals in different parts of the world I have encountered many...(read more)
Comment - Like

Jeff J. posted an article on Jeff Jones Security Blog - Sep 27, 2011, 5:10 pm
The snake oil salesman was a colorful part of American history, especially in the frontier West. The term comes from people offering what was purported to be oil from a snake to ease the pain of arthritis—though the term soon evolved to cover all...(read more)
Comment - Like

Jeff J. posted an article on Jeff Jones Security Blog - Sep 26, 2011, 11:46 am
The sixth annual United Nations Internet Governance Conference (UN-IGF) meeting is being held this week (September 27-30, 2011) at the U.N. Office in Nairobi, Kenya (UNON). The main theme of this meeting is “Internet as a catalyst for change: access,...(read more)
Comment - Like

Jeff J. posted an article on Jeff Jones Security Blog - Sep 24, 2011, 4:40 am
Trending Security News The week ended on a high note with news that Microsoft had successfully completed its civil action in the Rustock botnet case and had passed along all of its evidence to the FBI for possible criminal investigation. CNET led the...(read more)
Comment - Like

Jeff J. posted an article on Jeff Jones Security Blog - Sep 22, 2011, 6:53 pm
It was great to read this morning about Microsoft successfully concluding its civil case against the Rustock botnet operators, and referring the matter, along with all the evidence it has discovered, to the FBI for criminal review. Readers may recall...(read more)
Comment - Like

Jeff J. posted an article on Jeff Jones Security Blog - Sep 22, 2011, 12:52 pm
I am just returning from Washington, DC where I had the privilege to attend and present at the Control Systems Cyber Security Conference . I have attended this annual conference several times in the past and it never fails to attract some of the brightest...(read more)
Comment - Like

Jeff J. posted an article on Jeff Jones Security Blog - Sep 22, 2011, 3:00 am
I’m happy today to introduce a guest blog post by Matt Thomlinson, the General Manager of Trustworthy Computing Security at Microsoft, who leads the Microsoft Security Engineering Center (MSEC), the Microsoft Security Response Center (MSRC), and...(read more)
Comment - Like

Jeff J. posted an article on Jeff Jones Security Blog - Sep 17, 2011, 5:04 am
Trending Security News Sometimes the juxtaposition of stories you read is kind of interesting. Over at Network World, Tim Greene authored an article Bot army being assembled, awaiting orders . While CNET News reported Heidi Klum the 'most dangerous' celeb...(read more)
Comment - Like

Jeff J. posted an article on Jeff Jones Security Blog - Sep 16, 2011, 4:39 pm
Tim Rains’ recent series on Lessons from the Least Malware Infected Countries has been very popular, so we created a page that brings all of the links together so that it is easier to read through the full series of posts. Click here to go to the full...(read more)
Comment - Like

Jeff J. posted an article on Jeff Jones Security Blog - Sep 10, 2011, 2:06 pm
Trending Security News DigiNotar continued to reverberate through the industry this week. Companies scrambled to block and eliminate potentially compromised certificates. Meanwhile security experts took time to ponder what the event meant for security...(read more)
Comment - Like

Jeff J. posted an article on Jeff Jones Security Blog - Sep 8, 2011, 3:21 pm
Last week, Microsoft released Security Advisory 2607712 , notifying customers that fraudulent digital certificates had been issued by certificate authority DigiNotar.   Earlier this week, the Microsoft Security Research & Defense Blog (srd...(read more)
Comment - Like

Jeff J. posted an article on Jeff Jones Security Blog - Sep 2, 2011, 7:01 pm
Trending Security News The big security news this week focused on the security breach of Dutch certificate authority DigiNotar, a subsidiary of Chicago-based Vasco Data Security. This significance of the event was underscored when it was announced that...(read more)
Comment - Like

Jeff J. posted an article on Jeff Jones Security Blog - Aug 24, 2011, 1:38 pm
In this final post in the series on select locations with consistently low malware infection rates, I share some key findings on how these regions maintain low infection rates. My previous five blog posts in this series focused on the threat landscape...(read more)
Comment - Like

Jeff J. posted an article on Jeff Jones Security Blog - Aug 23, 2011, 7:04 pm
The CSO carries a heavy load, as the person responsible for overall direction of security functions associated with IT applications, communications, and computing services and security within the enterprise. Part of what makes the role of the CSO so challenging...(read more)
Comment - Like

Jeff J. posted an article on Jeff Jones Security Blog - Aug 20, 2011, 6:21 pm
Trending Security News This week security news stories focused on the rise of rapidly changing social engineered malware spread through mail attachments designed to infect your computer. You may have received these suspicious often poorly written emails...(read more)
Comment - Like

Jeff J. posted an article on Jeff Jones Security Blog - Aug 16, 2011, 10:57 pm
  Japan is the final location of focus in this series of posts on regions that consistently have low malware infection rates. I hope these insights into the threat landscape in regions with low infection rates prove useful to regions with higher...(read more)
Comment - Like

Jeff J. posted an article on Jeff Jones Security Blog - Aug 12, 2011, 1:35 pm
Trending Security News Probably the most widely discussed and interesting story in security news was the follow-on activity from McAfee’s disclosures last week of “Operation Shady Rat.”   As we noted previously , Vanity Fair called it an “unprecedented...(read more)
Comment - Like

Jeff J. posted an article on Jeff Jones Security Blog - Aug 11, 2011, 8:45 pm
In this fourth installment in the series of posts, I focus on locations that consistently have low malware infection rates. In this case we examine the threat landscape in Germany . I’m trying to offer insights into the threat landscape in regions...(read more)
Comment - Like

Jeff J. posted an article on Jeff Jones Security Blog - Aug 10, 2011, 9:31 pm
We just released a new report from the Microsoft Security Response Center (MSRC) called “ Building a Safer, More Trusted Internet Through Information Sharing .” This report provides you with an update on the progress of key MSRC initiatives, along with...(read more)
Comment - Like

Jeff J. posted an article on Jeff Jones Security Blog - Aug 8, 2011, 6:50 pm
When I was a teenager and a group of us headed to the car for some fun, someone would inevitably yell “I’ve got shotgun,” kicking off a race to the car and a round of “discussions” before seating arrangements were finally...(read more)
Comment - Like

Jeff J. posted an article on Jeff Jones Security Blog - Aug 5, 2011, 4:10 pm
Trending Security News An eventful week with plenty coming out of the Black Hat conference, the Microsoft Blue Hat prize , publication of the EWI Cybersecurity Summit Report , and more, covered below. Black Hat USA 2011 With Black Hat USA 2011 running...(read more)
Comment - Like

Jeff J. posted an article on Jeff Jones Security Blog - Aug 5, 2011, 1:45 pm
With the annual Black Hat (Vegas) conference providing extra focus on cybersecurity this week, but also eclipsing most other news, I want to call attention to the EastWest Institute publication of their report on the Second Worldwide Cybersecurity Summit...(read more)
Comment - Like

Jeff J. posted an article on Jeff Jones Security Blog - Aug 3, 2011, 11:33 pm
This post profiles the threat landscape in Finland . This is part of a series of posts on the threat landscape in locations that consistently have low malware infection rates. I hope to offer insights into the threat landscape within regions in case this...(read more)
Comment - Like

Jeff J. posted an article on Jeff Jones Security Blog - Aug 1, 2011, 7:55 pm
Austria - Lessons from Some of the Least Malware Infected Countries in the World – Part 2 In my last post on this topic, I mentioned providing a series of posts focused on the threat landscape in locations that consistently have low malware infection...(read more)
Comment - Like

Jeff J. posted an article on Jeff Jones Security Blog - Jul 26, 2011, 1:17 pm
Vinny Gullotto, the General Manager of the Microsoft Malware Protection Center (MMPC) announced that Microsoft has opened a new research and response lab in Munich, Germany. This new lab will complement the existing research and response labs Microsoft...(read more)
Comment - Like

Jeff J. posted an article on Jeff Jones Security Blog - Jul 26, 2011, 6:55 am
  The Internet, personal computers, smartphones, software, and online services, play a significant role in our lives. These technologies are among the most important components that make up Information and Communications Technology (ICT) systems...(read more)
Comment - Like

Jeff J. posted an article on Jeff Jones Security Blog - Jul 25, 2011, 8:26 pm
Advice on what a young person should choose for a future is as old as civilization. In the United States the classic satirical take on such advice was in the 1967 movie “The Graduate”, when Dustin Hoffman playing an overwhelmed teenager, is...(read more)
Comment - Like

Jeff J. posted an article on Jeff Jones Security Blog - Jul 22, 2011, 12:57 pm
We have been producing the Microsoft Security Intelligence Report for nearly five years now. Throughout that period of time I have seen a small group of countries/regions maintain relatively low malware infection rates. Examples include places like Austria...(read more)
Comment - Like

Jeff J. posted an article on Jeff Jones Security Blog - Jul 8, 2011, 8:38 pm
In this post, I’d like to talk about the digital and social identity proxies that we create so that we can interact online – and talk about the steps I will be taking over the next few weeks to clarify and separate my own online personas. I was lucky...(read more)
Comment - Like

Jeff J. posted an article on Jeff Jones Security Blog - Jul 5, 2011, 11:55 am
The Rustock botnet was a large botnet with over 1 million infected computers under its control. This botnet was used to send large volumes of spam. Researchers at Microsoft observed a single Rustock infected computer sending 7,500 spam emails in 45 minutes...(read more)
Comment - Like