1366 matches found
Meet the BlueHat Content Advisory Board
We couldn’t do BlueHat without the Content Advisory Board, the brain trust reviewing submissions to the CFP. Representing both Microsoft and other parts of security community, the CAB applies their industry and speaker experience to create the BlueHat agenda that’s the right mix of topics and...
Attacking the VM Worker Process
In the past year we invested a lot of time making Hyper-V research more accessible to everyone. Our first blog post, “First Steps in Hyper-V Research”, describes the tools and setup for debugging the hypervisor and examines the interesting attack surfaces of the virtualization stack components. W...
Scalable infrastructure for investigations and incident response
Traditional computer forensics and cyber investigations are as relevant in the cloud as they are in on-premise environments, but the methods in which to access and perform such investigations differ. This post will describe some of the challenges of bringing on-premises forensics techniques to th...
Microsoft Announces Top Three Contributing Partners in the Microsoft Active Protections Program (MAPP)
Today Microsoft announced the MAPP program Top Vulnerability Contributors, Top Threat Indicator Submitters, and Top Zero-Day Reporting for the period of July 1, 2018 – June 30, 2019. The Microsoft Active Protections Program provides security and protection to customers through cooperation and...
Recognizing Security Researchers in 2019
Who’s going to be on the Most Valuable Security Researcher list at Black Hat USA 2019? We’re not announcing the names—yet—but this is how we’ll determine who’s there. How do we define the Most Valuable Security Researchers? The list at Black Hat will be the top tier of researchers based on not ju...
It’s Official – The Way We Recognize Our Security Researchers
We deeply appreciate the partnership of the many talented security researchers who report vulnerabilities to Microsoft through Coordinated Vulnerability Disclosure. We pay bounties for research in key areas, and each year at Black Hat USA, we’ve recognized the most impactful researchers helping t...
We need a safer systems programming language
In our first post in this series, we discussed the need for proactively addressing memory safety issues. Tools and guidance are demonstrably not preventing this class of vulnerabilities; memory safety issues have represented almost the same proportion of vulnerabilities assigned a CVE for over a...
2019 年 7 月のセキュリティ更新プログラム (月例)
2019 年 7 月 10 日 日本時間、マイクロソフトは以下のソフトウェアのセキュリティ更新プログラムを公開しまし...
日本セキュリティチーム ブログ移行のお知らせ
平素より、日本セキュリティチーム ブログをご愛読いただきありがとうございます。 日本セキュリティチーム ブ...
Inside the MSRC – Building your own security incident response process
This is the third and last in a series of posts that looks at how Microsoft responds to elevated threats to customers through the Microsoft Security Response Center’s MSRC Software and Services Incident Response Plan SSIRP. Our previous posts discussed how Microsoft protects customers against...
Inside the MSRC – Building your own security incident response process
This is the third and last in a series of posts that looks at how Microsoft responds to elevated threats to customers through the Microsoft Security Response Center’s MSRC Software and Services Incident Response Plan SSIRP. Our previous posts discussed how Microsoft protects customers against...
Inside the MSRC – Customer-centric incident response
The Microsoft Security Response Center MSRC is an integral part of Microsoft’s Cyber Defense Operations Center CDOC that brings together security response experts from across the company to help protect, detect, and respond to threats in real-time. Staffed with dedicated teams 24x7, the CDOC has...
Join Microsoft Security Response at the Product Security Operations forum at LocoMocoSec!
The MSRC is more than managing vulnerability reports, publishing Microsoft security updates, and defending the cloud. The MSRC is passionate about helping everyone improve internal engineering practices and supporting the defender community, and are excited to partner with Blackberry to host a...
Local privilege escalation via the Windows I/O Manager: a variant finding collaboration
The Microsoft Security Response Center MSRC investigates all reports of security vulnerabilities affecting Microsoft products and services to help make our customers and the global online community more secure. We appreciate the excellent vulnerability research reported to us regularly from the...
Call for Papers | Microsoft BlueHat Shanghai 2019
The Microsoft Security Response Center MSRC recently announced our first BlueHat security conference in Shanghai which will take place on May 29-30, 2019. After 15 years of BlueHat events in Redmond, Washington and Israel, we are thrilled to expand to a new location. We work with many talented...
2019 年 2 月のセキュリティ更新プログラム (月例)
2019 年 2 月 13 日 日本時間、マイクロソフトは以下のソフトウェアのセキュリティ更新プログラムを公開しまし...
December 2018 Security Update Release
Today, we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found on the Security Update Guide...
Windows Update の利用手順 - Windows 8.1 の場合
本ブログ記事は初級レベルから中級レベルのコンピューター ユーザーを対象にしています。 Windows 10 をお使いのお客...
[セキュリティ基本対策 5 か条] 第 5 条 バックアップの取得を設定する
注: この内容は一般の方を対象とした記述にしています。 今日はセキュリティ基本対策 5 か条の第 5 条「バック...
October 2018 Security Update Release
Today, we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found in the Security Update Guide. MSRC team...
[セキュリティ基本対策 5 か条] 第 2 条 アクション センターで PC のセキュリティやメンテナンス状況に問題がないかを確認する
注: この内容は一般の方を対象とした記述にしています。 今日はセキュリティ基本対策 5 か条の第 2 条「アクシ...
September 2018 Security Update Release
Today, we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found in the Security Update Guide. MSRC team...
2018 年 9 月のセキュリティ更新プログラム (月例)
2018 年 9 月 12 日 日本時間、マイクロソフトは以下のソフトウェアのセキュリティ更新プログラムを公開しまし...
Inside MSRC: Sharing Our Story & Customer Tips
For the last 20 years, the Microsoft Security Response Center has been an integral part of Microsoft’s commitment to customer security. We are often called on to talk about the work we do and how customers can apply the lessons we have learned over that period to better their security posture...
Vulnerability hunting with Semmle QL, part 1
Previously on this blog, we’ve talked about how MSRC automates the root cause analysis of vulnerabilities reported and found. After doing this, our next step is variant analysis: finding and investigating any variants of the vulnerability. It’s important that we find all such variants and patch...
2018 年 8 月のセキュリティ更新プログラム (月例)
2018 年 8 月 15 日 日本時間、マイクロソフトは以下のソフトウェアのセキュリティ更新プログラムを公開しまし...
2018 年 5 月のセキュリティ更新プログラム (月例)
2018 年 5 月 9 日 日本時間、マイクロソフトは以下のソフトウェアのセキュリティ更新プログラムを公開しまし...
「Emotet」の大規模感染を阻止した人工知能のしくみ
本記事は、Microsoft Secure のブログ “How artificial intelligence stopped an Emotet outbreak” 2018 年 2 月 14 日 米国時間公開...
挙動監視と機械学習で大規模な「Dofoil」によるコイン マイニング攻撃を阻止
本記事は、Microsoft Secure のブログ “Behavior monitoring combined with machine learning spoils a massive Dofoil coin mining campaign” 2018 年...
投機的実行に関する報奨金プログラムの開始
本記事は、Microsoft Security Response Center のブログ “Speculative Execution Bounty Launch” 2016 年 3 月 14 日 米国...
Speculative Execution Bounty Launch
Today, Microsoft is announcing the launch of a limited-time bounty program for speculative execution side channel vulnerabilities. This new class of vulnerabilities was disclosed in January 2018 and represented a major advancement in the research in this field. In recognition of that threat...
February 2018 security update release
Today, we released security updates to provide additional protections against malicious attackers. By default, Windows 10 receives these updates automatically, and for customers running previous versions, we recommend they turn on automatic updates as a best practice. More information about this...
November 2017 security update release
Today, we released security updates to provide additional protections against malicious attackers. By default, Windows 10 receives these updates automatically, and for customers running previous versions, we recommend they turn on automatic updates as a best practice. More information about this...
October 2017 security update release
Today, we released security updates to provide additional protections against malicious attackers. By default, Windows 10 receives these updates automatically, and for customers running previous versions, we recommend they turn on automatic updates as a best practice. More information about this...
VulnScan – Automated Triage and Root Cause Analysis of Memory Corruption Issues
The Microsoft Security Response Center MSRC receives reports about potential vulnerabilities in our products and it’s the job of our engineering team to assess the severity, impact, and root cause of these issues. In practice, a significant proportion of these reports turn out to be memory...
MSRC の 2017 年 “トップ 100 人” セキュリティ研究者一覧
本記事は、Microsoft Security Response Center のブログ “The MSRC 2017 list of “Top 100” security researchers”...
2017 年 8 月のセキュリティ更新プログラム (月例)
2017 年 8 月 9 日 日本時間、マイクロソフトは以下のソフトウェアのセキュリティ更新プログラムを公開しまし...
The MSRC 2017 list of “Top 100” security researchers
Security researchers play an essential role in Microsoft’s security strategy and are key to community-based defense. To show our appreciation for their hard work and partnership, each year at BlackHat North America, the Microsoft Security Response Center highlights contributions of these...
Announcing the Windows Bounty Program
Windows 10 represents the best and newest in our strong commitment to security with world-class mitigations. One of Microsoft’s longstanding strategies toward improving software security involves investing in defensive technologies that make it difficult and costly for attackers to find, exploit...
EnglishmansDentist Exploit Analysis
Introduction We are continuing our series of blog posts dissecting the exploits released by ShadowBrokers in April 2017. After the first two posts about the SMB exploits known as EternalChampion and EternalSynergy, we’ll move this time to analyze a different tool and we’ll focus on the exploit...
July 2017 security update release
Today, we released security updates to provide additional protections against malicious attackers. By default, Windows 10 receives these updates automatically, and for customers running previous versions, we recommend they turn on automatic updates as a best practice. More information about this...
Eternal Champion Exploit Analysis
Recently, a group named the ShadowBrokers published several remote server exploits targeting various protocols on older versions of Windows. In this post we are going to look at the EternalChampion exploit in detail to see what vulnerabilities it exploited, how it exploited them, and how the late...
Tales from the MSRC: from pixels to POC
Is this thing still on? It’s been a while since we’ve posted to this blog and we think it’s time to start posting deep technical content about Security Research & Defense SRD again. For readers who are new or may have forgotten, this blog is the home of the MSRC Vulnerabilities & Mitigations...
BlueHat v17 Call for Papers Opens
Calling security professionals and enthusiasts throughout the world. Microsoft is pleased to open the Call for Papers for our BlueHat v17 Security Conference. Potential speakers have from June 1st through August 18th to submit abstract proposals for this unique opportunity. As in past events, we...
Extending Microsoft Edge Bounty Program
Over the past 10 months, we’ve paid out more than $200,000 USD in bounties to researchers reporting vulnerabilities through the Microsoft Edge Bounty Program. Partnering with the research community has helped improve Microsoft Edge security, and to continue this collaboration, today we're extendi...
Customer Guidance for WannaCrypt attacks
Microsoft solution available to protect additional products Today many of our customers around the world and the critical systems they depend on were victims of malicious “WannaCrypt” software. Seeing businesses and individuals affected by cyberattacks, such as the ones reported today, was painfu...
Customer Guidance for WannaCrypt attacks
Microsoft solution available to protect additional products Today many of our customers around the world and the critical systems they depend on were victims of malicious “WannaCrypt” software. Seeing businesses and individuals affected by cyberattacks, such as the ones reported today, was painfu...
Coming together to address Encapsulated PostScript (EPS) attacks
Today’s security updates include three updates that exemplify how the security ecosystem can come together to help protect consumers and enterprises. We would like to thank FireEye and ESET for working with us. Customers that have the latest security updates installed are protected against the...
SHA-1 Collisions Research
Today, a group of eight researchers from across the security industry released a research report on SHA-1 that demonstrates for the first time, a “hash collision” for the full SHA-1 hash algorithm called “SHAttered”. This is a significant step toward understanding this type of security issue, a...
Adobe Flash Player security vulnerability release
Today, we released an Adobe Flash Player security update to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about these updates can be found on the Security Update Guide. MSRC team...