Archive for the ‘Microsoft Security Intelligence Report Volume 15’ Category

Microsoft Security Intelligence Report desktop application updated with over 750 pages of data

December 20th, 2013 No comments

A few months ago we launched the Microsoft Security Intelligence Report (SIR) application that was designed to provide customers with an enhanced way to access the vast amount of threat intelligence contained in the SIR. The SIR app makes it easy to find, copy and share data from the Microsoft Security Intelligence Report. The SIR app runs on Windows 7 and Windows 8 based systems. Read more

…(read more)

Microsoft Cybersecurity Report: Top 10 Most Wanted Enterprise Threats

November 26th, 2013 No comments

In my travels abroad over the years, I have had the great opportunity to meet with many enterprise customers to discuss the evolving threat landscape.  In addition to helping inform customers, these meetings have provided me with an opportunity to learn more about how customers are managing risk within their environments.   Many of these customers are interested in learning about the top threats found in enterprise environments.  Visibility into what threats are most common in enterprise environments helps organizations assess their current security posture and better prioritize their security investments.  Given the high level of interest in this information, I thought it would be helpful to take a close look at the top 10 threats facing enterprise customers based on new intelligence from the latest Microsoft Security Intelligence Report (SIRv15). 

The latest report found that in the enterprise environment, on average about 11% of systems encountered malware, worldwide between the third quarter of 2012 (3Q12) and the second quarter of 2013 (2Q13).  The “encounter rate” is defined as the percentage of computers running Microsoft real-time security software that report detecting malware – typically resulting in a blocked installation of malware. This is different from the number of systems that actually get infected with malware, a measure called computers cleaned per mille (CCM).  Read more

…(read more)

Ransomware is on the Rise, Especially in Europe

November 19th, 2013 No comments

The recently published Microsoft Security Intelligence Report (SIRv15) contains a section on ransomware. Ransomware is a type of malware that is designed to render a computer or its files unusable until the computer user pays the demanded amount of money to the attacker. It often masquerades as an official-looking warning from a well-known law enforcement agency, such as the US Federal Bureau of Investigation (FBI) or the Metropolitan Police Service of London. Some examples are provided in Figure 1.

Ransomware has emerged as a relatively prevalent threat primarily in Europe. With the exception of New Zealand, all the locations where ransomware families made it onto the top ten list of threats in the second quarter of 2013 were in Europe; these locations include Austria, Belgium, Croatia, Cyprus, Czech Republic, Denmark, Finland, Germany, Ireland, Norway, Portugal, Slovakia, Slovenia, Sweden, Switzerland, and the United Kingdom.  Read more.

…(read more)

The Threat Landscape in South America: Chile and Colombia

November 13th, 2013 No comments

In this fourth and final part of our series on the threat landscape in South America, we examine threats in Chile and then Colombia.  As illustrated in Figure 1, both of these regions have had periods where their malware infection rates were above the worldwide average, and have more recently trended down. Read more

…(read more)

The Threat Landscape in South America: Argentina and Uruguay

November 11th, 2013 No comments

In this third part of our series on the threat landscape in South America, we examine threats in Argentina and Uruguay.  Of the locations represented in Figure 1, Argentina and Uruguay are among the locations with the lowest malware infection rates in South America. Read more

…(read more)

The Threat Landscape in South America

November 6th, 2013 No comments

One region of the world I haven’t written extensively about before is South America.  Recently I had the opportunity to visit a couple of countries in South America to visit customers and discuss the threats they see in their environments. This is part 1 in a series of articles that will focus on threats found in several locations including Argentina, Brazil, Chile, Colombia and Uruguay. All of these articles are based on new data published in the Microsoft Security Intelligence Report volume 15 and previous volumes.

As seen in Figure 1, several locations in South America have malware infection rates (CCM) higher than the worldwide average, while a few locations have infection rates lower than the worldwide average.  In the fourth quarter of 2012 (4Q12) Bolivia had the highest infection rate with 9.4 systems infected for every 1,000 that the Microsoft Malicious Software Removal Tool (MSRT) scanned there.  The worldwide average in 4Q12 was 6.0 and Uruguay had the lowest infection rate of the locations examined with a CCM of 3.1. But infection rates in the region changed dramatically in the first half of 2013. Bolivia, Ecuador, Peru, and Venezuela all saw infection rate increases during the second quarter of 2013 (2Q13). Peru’s malware infection rate increased from 9.4 in 1Q13 to 17.0 in 2Q13, a 45 percent increase in ninety days. Ecuador saw a 27 percent increase in its infection rate in 2Q13 while Bolivia saw a 29 percent increase in the same period. Read more

…(read more)

The Threat Landscape in the European Union at RSA Conference Europe 2013

November 4th, 2013 No comments

We had the opportunity to present new findings from the Microsoft Security Intelligence Report volume 15 at RSA Conference Europe last week in Amsterdam. Jeff Jones and I presented some of the new data from the report.

In our session we discussed some of the global threats from the report, as well as a custom analysis on the threat landscape in the European Union (EU). I recently published a blog on the threat landscape in the EU, over on the Microsoft Europe blog, that also includes a new video: Security Intelligence Report: new threat data for the European Union shows that Windows XP is losing pace with attackers. Read more

…(read more)

Microsoft Security Intelligence Report Volume 15 Now Available!

October 29th, 2013 No comments

This morning, at the RSA Europe conference, Mike Reavey, General Manager for Trustworthy Computing delivered a keynote in which he announced the release of the Microsoft Security Intelligence Report volume 15 (SIRv15).  The Microsoft Security Intelligence Report is the most comprehensive cybersecurity threat intelligence report in the industry that analyzes and provides in-depth perspectives on exploits, vulnerabilities, and malware for more than 100 countries/regions worldwide.  It is designed to provide prescriptive guidance which can help our customers manage risk and protect their assets.

In addition to many other key learnings, the report examines the security risks of running unsupported software and looks at the implications of using Windows XP once support, including security updates, ends on April 8, 2014.  I encourage you to check out my post titled ““New Cybersecurity Report Details Risk of Running Unsupported Software” on the Microsoft on the Issues blog which discusses the data on this topic in greater detail for more information.  To download the new Security Intelligence Report, please visit

…(read more)