Microsoft

Today has been named as Safer Internet Day. On this occasion Microsoft has decided to take some time to talk to Xbox 360 owners and Xbox Live subscribers about how the company is trying to handle reports of Xbox Live accounts being highjacked. It's an issue that Microsoft and a number of Xbox Live users have been dealing with a lot lately. So far, Microsoft has insisted that the Xbox Live service itself has not been attacked and has blamed the account hijackings on phishing scams and other methods.

Internet Explorer 9 should be the go-to browser for organizations concerned about protecting machines from malicious downloads, according to a new study from NSS Labs: Microsoft's browser trounced rivals Chrome, Firefox, and Safari in the security company's more recent malware-blocking tests, a significant win considering that traditional malware remains among the most prevalent threats to users.

The media - and indeed many parts of the security industry - just looove zero-day exploits. They are exciting to report, to research, to block...but interestingly, SophosLabs sees much more malware exploiting patched vulnerabilities.

I know - it's a bit weird. Why would malware authors bother to target a vulnerability for which a patch is already available for download...for free? Surely, it would be a lost cause, a dud, a lemon, a non-starter.

Microsoft's renewed push for its Windows Phone platform centers on Mango, an update with hundreds of tweaks and features. Over the next few months, manufacturers such as Nokia will push an array of new smartphones boasting the software.

After his Xbox Live account was stolen, Josh had to file a Better Business Bureau complaint in order to make MIcrosoft pay attention to him and restore his account access. After three months, he was delighted to log back in to his account, but surprised to learn that he had been banned for a "code of conduct violation." What did his account do to get banned? It was trying to steal other accounts. Imagine that.

How important is it to secure and monitor Microsoft SharePoint?

The Russian man who Microsoft has accused of being the mastermind behind the Kelihos botnet has taken to his blog to deny the allegations.

"I did not commit this crime, [have] never participated in the management of botnets and any other similar programs and especially not extracted from it any benefit," Andrey Sabelnikov wrote Friday in a translated post on LiveJournal. The entry was directed to Microsoft and Kaspersky Labs, which also reportedly was involved in the takedown of Kelihos.

Microsoft will dump its Xbox Live point system by years' end, according to reports, in a move that could kill what is a cash cow for fraudsters.

The Microsoft Points system was used to purchase gaming content on Xbox Live.

But it was also used by scammers who etched out a grey market selling hacked Xbox Live profiles loaded with Microsoft Points. SC Magazine previously visited dozens of lawless auction and retail sites that freely sold Microsoft Points for a fraction of the cost charged by Xbox Live.

Several months ago there was a massive spam operation by the name of Kelihos botnet that both Microsoft and partners took offline, this menace having already sent 3.8 billion spam emails a day for some time. What you should know, and perhaps much more importantly, is the following fact: the controller and creator of that spam factory was no less than a former employee of several Antivirus firms. What does this mean for you? It means you should think twice before firing Johnny No-Virus from your Antivirus group, folks, because he’ll probably be spamming you soon.

Microsoft has quietly updated the Windows Live ID login system, which was most likely in response to a security concern that surfaced last week. The new procedure seeks to eliminate the risk of brute force attacks launching against Live ID logins, which could provide a method for hackers to gain unauthorized access to accounts.