External News

Browse by Tags

• antivirus
• Backup
• blog
• blogging
• Breaking News
• Business Intelligence (BI)
• Business Users
• Community
• Consumer
• Database
• Desktop
• email
• Enterprise
• Forensic
• Fun Stuff
• Identity Lifecylce Manager
• Identity Management
• IE
• IIS
• Information Worker
• infrastructure
• IT Pro
• IT Pro Resources
• IT Professional
• IT 人員
• IT 經理
• IT-Professionals
• Law Enforcment
• Longhorn Server
• Management
• Martina Grom
• Microsoft
• Microsoft Resources
• MSCASI
• MSDN
• NAP IPSEC
• Network
• news
• Office
• Office System
• Operations Management
• OS
• performance
• PKI
• Policy
• Process
• Remote Access
• Scrawlr
• script
• SDL
• Search
• server
• Sex
• SharePoint
• SQL
• SQL Injection
• SQL Server
• Strategy
• Survey
• TDM
• Tech News
• TechNet
• TechNet Webcasts
• Toni Pohl
• Tools
• trends
• UC & C
• URLScan
• Violence
• Virtualization
• Visual Studio
• Web
• Webcasts
• WIFI
• Windows
• Windows Server
• Zertifikat
• 台灣微軟
• 微軟
• 技術支援
• 技術討論
• 技術資源
• 程式開發
• 系統管理
• 網路
• 解決方案
• 資料庫
• 資料庫管理
• 資訊
• 資訊人員
• 資訊安全
• 資訊部門經理
• 部落格

• Out of band security update MS08-067

  Microsoft released the announced out of band security update MS08-067. Please read the bulletin carefully and then apply the update as soon as possible. http://www.microsoft.com/technet/security/Bulletin/MS08-067.mspx In addition there is also an excellent... Posted Oct 27 2008, 06:30 AM by TechNet Blogs Filed under: Security, Windows, Microsoft, Consumer, Enterprise, Developer

• Internet Explorer 8 (beta2) released

  Last week Microsoft released IE8 Beta2, the faster, easier and safer successor of the existing Internet Explorer. As there are a lot of changes (new default settings, new support for standards, new features), it's definitely woth to try and test IE8... Posted Sep 03 2008, 02:17 AM by TechNet Blogs Filed under: Security, IE, Windows, Microsoft, Consumer, OS, Enterprise, Developer, trends

• The Open Computer Forensics Architecture (OCFA)

  The Open Computer Forensics Architecture (OCFA) is a modular computer forensics framework built by the Dutch National Police Agency. The main goal is to automate the digital forensic process to speed up the investigation and give tactical investigators... Posted Aug 29 2008, 01:54 AM by TechNet Blogs Filed under: Security, Enterprise, Developer, Forensic

• Breaking News: SQL Server 2008 is RTM!

  ( RTM = Released to Manufacturing) Yes indeed.. today the newest version of the best database software platform anywhere reached a major milestone.  It’s ready!  You can read the PressPass announcement here. And here is the official press location... Posted Aug 06 2008, 01:37 PM by TechNet Blogs Filed under: Security, news, SQL Server, IT Pro Resources, Microsoft Resources, Sex, Violence, performance, Tech News, Developer, Breaking News

• Tool gegen SQL Injection

  Seit Ende Juni gibt es eine Hilfe für Entwickler und IT-Administratoren gegen SQL Injection in Websites vom Typ classic asp und zwar den Microsoft Source Code Analyzer for SQL Injection - June 2008 CTP (siehe auch Beitrag Totgesagte leben länger - so... Posted Jul 07 2008, 03:50 AM by TechNet Blogs Filed under: Security, SQL Server, IT Professional, Developer, Toni Pohl

• New Security Tools for IIS and SQL

  In cast you didn't see it, the Microsoft Security Response Center (MSRC) team just announced the release of three tools to help customers fend off SQL injection attacks: UrlScan 3.0 Beta ( see Wade Hilmo's blog for more ), a security tool that... Posted Jun 25 2008, 04:45 PM by TechNet Blogs Filed under: Security, Microsoft, SQL Server, Tools, IIS, Developer, Database, SDL, SQL Injection, Process, URLScan, Scrawlr, MSCASI

• Visit the New SDL (Security Development Lifecycle) Web Site

  I wanted to mention to folks that a new Security Development Lifecycle (SDL) web site went up earlier this month on microsoft.com. Amazingly, you can navigate to it via http://www.microsoft.com/sdl , instead of some long name you'd never remember... Posted Jun 19 2008, 07:08 PM by TechNet Blogs Filed under: Security, Microsoft, Developer, SDL, Process

• Covert channel vulnerabilities in anonymity systems

  Excerpt: The spread of wide-scale Internet surveillance has spurred interest in anonymity systems that protect users’ privacy by restricting unauthorized access to their identity. This requirement can be considered as a flow control policy in the well... Posted Jun 13 2008, 04:42 PM by TechNet Blogs Filed under: Security, Consumer, antivirus, Enterprise, Developer, trends

• Totgesagte leben länger - so auch SQL-Injection

  Die guten alten Zeiten - da war alles noch einfacher. Oder doch nicht? Ich habe mal an einem größeren Shop-System programmiert - das war im Jahr 2000 - und dabei gelernt, dass man einige Dinge beachten muss: Funktionalität, Usability und ... Security... Posted Jun 05 2008, 10:33 AM by TechNet Blogs Filed under: Security, SQL Server, IT Professional, script, Developer, Toni Pohl

• SQL Injection General Guidance

  There s a lot of noise arround currently ongoig SQL injection attacks and even if that is quite an "old" topic, there are still a lot of unprotected servers out in the cloud. This has nothing to do with vulnerabilities in the products (Webserver... Posted May 28 2008, 03:07 AM by TechNet Blogs Filed under: Security, Microsoft, Enterprise, Developer

• Managing the Windows Vista Firewall

  If you're an IT pro who is looking a bit more seriously at Windows Vista for your enterprise environment, you should take a close look at the firewall. Once you realize what the Windows Vista firewall can do, you may want to renegotiate the agreement... Posted May 26 2008, 06:58 AM by TechNet Blogs Filed under: Security, Windows, Microsoft, Network, Consumer, OS, Enterprise, Developer, Policy, Strategy

• New Elevation PowerToys for Windows Vista

  Run as Administrator for third-party scripting tools Run as Another User Prompt Here as System for CMD and Windows PowerShell Drag-and-drop Elevation Gadget http://technet.microsoft.com/en-us/magazine/cc510320.aspx Urs...( read more ) Share this post... Posted May 26 2008, 06:47 AM by TechNet Blogs Filed under: Security, Windows, Microsoft, Consumer, OS, Enterprise, Developer

• SQL Injection 攻擊說明

  APGC 安全技術支援團隊在過去的幾周中接到了多個利用 SQL Injection( 資料隱碼 ) 攻擊並導致使用者被植入惡意程式的案例。有鑒於這些攻擊的影響以及愈發擴大的爆發規模，安全技術支援團隊以安全警報的形式發布資訊。請將這些資訊分享給客戶以及合作夥伴，提高對目前在網站攻擊事件上的警惕。 跡象 根據 5 月 19 號的估測，中國大陸，香港，臺灣的 12 萬網站受到了 SQL 注入攻擊。 在大中華地區，包括許多公共網站，包括政府，教育部門，非政府組織的慈善機構，以及私人企業都遭受到 SQL Injection... Posted May 23 2008, 04:47 AM by TechNet Blogs Filed under: Security, Microsoft, TechNet, SQL Server, Community, MSDN, IT Pro, blog, Developer, 解決方案, IT 經理, 資訊安全, 微軟, 台灣微軟, 技術討論, IT 人員, 資訊人員, TDM, 技術資源, 技術支援, 部落格, 資料庫管理, 資訊部門經理, 資料庫, 資訊, 網路, 系統管理, 程式開發

• Web 2.0, meet Internet attack 2.0

  The glitzy, interactive abilities of Web 2.0 have led to a profusion of new applications, but the technology also is bringing a new era of security vulnerabilities, a security researcher warned Wednesday. "Security was a challenge to begin with,... Posted Apr 30 2008, 03:47 AM by TechNet Blogs Filed under: Security, IE, Consumer, antivirus, Enterprise, Developer, trends

• Modern 'primitive' could ease the pain of encrypting massive amounts of data

  Researchers have devised an encryption scheme that could simplify the protection of sensitive information by allowing banks, hospitals, and other organizations to lock files using keys that are based on specific attributes, such as an employee's position... Posted Apr 30 2008, 03:44 AM by TechNet Blogs Filed under: Security, Consumer, Enterprise, Developer

• Researchers find hole in 'flawless' encryption technology

  Quantum cryptography, a new technology until now considered 100 per cent secure against attacks on sensitive data traffic, has a flaw after all, Swedish researchers say. "In computer terms, we've found a bug," said Jan-Aake Larsson, an associate... Posted Apr 30 2008, 03:40 AM by TechNet Blogs Filed under: Security, Microsoft, antivirus, Enterprise, Developer

• Infosec/Microsoft: Security community must work together

  Microsoft has called on companies to work together to improve overall security, and not just rely on the police to do it for them. Ed Gibson, Microsoft's chief security advisor in the UK, said during his keynote at Infosecurity Europe 2008 that security... Posted Apr 30 2008, 03:22 AM by TechNet Blogs Filed under: Security, Microsoft, Enterprise, Developer, Strategy

• Automatic Patch-Based Exploit Generation

  Paper Abstract: In this paper, we propose techniques for automatic patch-based exploit generation, and show that our techniques can automatically generate exploits for vulnerable programs based upon patches provided via Windows Update. In many cases we... Posted Apr 30 2008, 02:57 AM by TechNet Blogs Filed under: Security, Microsoft, Consumer, Enterprise, Developer

• Microsoft calls for talks on Internet trust, safety

  Microsoft today called for broad discussions about the safety of the Internet in an initiative it dubbed "End to End Trust" in a white paper released during the RSA Conference that opened today in San Francisco. In a keynote address at the security conference... Posted Apr 11 2008, 06:16 AM by TechNet Blogs Filed under: Security, IE, Windows, Microsoft, Virtualization, email, Network, Consumer, antivirus, OS, Enterprise, Identity Management, Developer, trends, WIFI, PKI, Policy, Strategy, NAP IPSEC, Remote Access

• Outsource your code & you're more likely to be hacked

  In a new report released by European information technology analysis group, Quocirca, organisations that admitted to being frequently hacked, all outsource at least some of their coding practice, with 90 percent outsourcing more than 40 percent! With... Posted Apr 11 2008, 06:13 AM by TechNet Blogs Filed under: Security, Enterprise, Developer, trends, Survey

• IC3's 2007 Internet Crime Report

  The USA's Internet Crime Complaint Center (IC3) is a partnership between the FBI and the National White Collar Crime Center (NW3C). Last week, the IC3 released its annual report for 2007. You can download a copy from here . From F-Secure: Malicious software... Posted Apr 10 2008, 04:57 AM by TechNet Blogs Filed under: Security, Consumer, antivirus, Enterprise, Developer, Survey, Law Enforcment, Forensic

• Security researchers show how to hook phishers

  Security researchers are cooking up tactics for beating phishing fraudsters at their own game. Phishers perennially set up fraudulent sites on servers they have compromised. But due to the sheer volume of sites that need to be set up to perform a successful... Posted Mar 26 2008, 03:16 AM by TechNet Blogs Filed under: Security, Consumer, antivirus, Enterprise, Developer

• IT Business Forum: Richtlinienbasierender (Fern-)Zugriff auf Ressourcen und Applikationen

  Mobiles Arbeiten wird für Wettbewerbsfaktoren wie Flexibilität, Geschwindigkeit und Kundennähe immer wichtiger. Elementare Voraussetzung dafür ist eine mobile IT, die neben einer hohen Verfügbarkeit vor allem maximale Sicherheit... Posted Mar 17 2008, 03:50 AM by TechNet Blogs Filed under: Security, Web, server, infrastructure, IT-Professionals, Business Users, Identity Management, Developer, Desktop

• Generate Your Own Security Code Review Checklist Document

  In this post from the ACE Team, they show how to generate Security Code Review Checklist using patterns & practices Guidance Explorer and Outlook 2007. Checklist documents can be generated without Outlook 2007 by only using the Guidance Explorer client... Posted Mar 12 2008, 06:51 AM by TechNet Blogs Filed under: Security, Microsoft, Enterprise, Developer

• Microsoft buys U-Prove technology

  Microsoft Corp. hopes to beef up online privacy with the acquisition of the U-Prove technology, the company announced on Thursday. U-Prove was developed by Stefan Brands at Credentica Inc. to allow Internet users to disclose only the minimum amount of... Posted Mar 12 2008, 06:13 AM by TechNet Blogs Filed under: Security, Windows, Microsoft, Consumer, Enterprise, Identity Management, Developer