Browse by Tags

Related Posts
  • Blog Post: Software Security == People && Process && Technology

    Mark Curphey here. I run the Subscriptions Engineering Team in Server & Tools Online, where we build complex customer facing web sites like MSDN and TechNet, supporting millions of users. For the last 15 years, I have always held security roles, most recently heading up the Information Security Tools...
  • Blog Post: Black Hat USA Spotlight: ATL Killbit Bypass

    There are only a few days left before Black Hat USA, and we, like most other speakers, are in the midst of the last-minute push to have all the materials finalized in time for our presentation. Our presentation this year, " The Language of Trust ," features a lot of material related to attacking software...
  • Blog Post: Dune Busting and Browser Fun at HITB – Dubai

    Hi, Billy Rios here, I was recently invited to speak at Hack in the Box (HITB) in Dubai. While at HITB, I participated in two different talks, but I’m going to focus on the talk Chris Evans and I co-presented: “Cross Domain Leakiness.” Chris Evans is a security lead for Google’s Core Security team. Some...
  • Blog Post: There were dragons. Everywhere.

    Handle: volty IRL: Joe Hemmerlein Rank: Security Grunt (aka Security Program Manager) Likes: Quality engineering, diverting things from their intended use, processes and tools Dislikes: Meat, speed limits, getting up in the morning Guten Morgen! Joe Hemmerlein hier vom Microsoft Security...
  • Blog Post: Black Hat Follow Up: Answering the Hard Questions

    Handle: Silver Surfer IRL: Mike Reavey Rank: Director, MSRC Likes: Warm weather, Battlestar Galactica, and responsibly reported vulnerabilities Dislikes: Rain, Rain without end, Clouds with potential for rain, reality TV, and unpatched vulns It’s October! And for those who remember...
  • Blog Post: Announcing BlueHat v9: Through the Looking Glass

    Handle: C-Lizzle IRL: Celene Temkin Rank: Program Manager 2 & BlueHat Project Manager Likes: Culinary warfare, BlueHat hackers and responsible disclosure Dislikes: Acts of hubris, MySpace, orange mocha Frappaccinos! BlueHat v9 will take place from October 21 to 23 at the Microsoft campus...
  • Blog Post: BlueHat v9 Brings the Looking Glass To You...

    Handle: C-Lizzle IRL: Celene Temkin Rank: Program Manager 2 & BlueHat Project Manager Likes: Culinary warfare, BlueHat hackers and responsible disclosure Dislikes: Acts of hubris, MySpace, orange mocha Frappaccinos! Celene here from the MSRC Ecosystem Strategy Team. BlueHat v9: Through...
  • Blog Post: The Rapidly Evolving Exploitation Playground

    Hey there, Vincenzo and Fermin here! Next week we will be giving two talks at BlueHat . Vincenzo will be talking with Tim Kornau, Ralf Philipp Weinmann, and Thomas Dullien, about return-oriented programming and how to automate the creation of ROP payloads. Also, Fermin and Andrew Roths will be talking...
  • Blog Post: MAPP – An Insider's view

    Intro Matt Watchinski here, Senior Director, Sourcefire Vulnerability Research Team (VRT). It’s that time of year again. The mercury is soaring above 100F, and I am crammed onto a “flying bus” heading out to Las Vegas to attend this year’s iteration of the Black Hat and DEF...
  • Blog Post: Chills and Thrills at FIRST

    Sveika! Hey Steve here, been a while since I posted on the EcoStrat blog. With all the security events that happened during the latter half of 2008, I have been very focused on working with the security update releases and Microsoft Active Protections Program ( MAPP ). Handle: Cap'n Steve ...
  • Blog Post: 心の会合: The Gathering

    Handle: Cap'n Steve IRL: Steve Adegbite Rank: Senior Security Program Manager Lead Likes: Reverse Engineering an obscene amount of code and ripping it up on a snowboard Dislikes: Not much but if you hear me growl…run Konnichiwa! I guess you are wondering why I said hello in Japanese...
  • Blog Post: The lighter side of the cloud

    Billy Rios here. I’m giving a talk this week along with Nate McFeters entitled, “ Sharing the Cloud with Your Enemy .” It’s a fun, realistic talk on security in the cloud. Why cloud computing? Cloud computing, software as a service, infrastructure as a service, platform as a service… with so many...
  • Blog Post: Hack.lu: Why it’s all about building bridges

    Handle: Cluster IRL: Maarten Van Horenbeeck Rank: Senior Program Manager Likes: Slicing covert channels, foraging in remote memory pools, and setting off page faults Dislikes: The crackling sound of crypto breaking, warm vodka martni “We want to remain what we are” (“Mir...
  • Blog Post: A Brussels retrospective from Oahu

    Handle: Security Blanki IRL: Sarah Blankinship Rank: Senior Security Strategist Lead Likes: Vuln wrangling, teams of rivals, global climate change - the hotter the better Dislikes: Slack jawed gawkers (girls are geeks too!), customers @ risk, egos Aloha from the Shakacon III , a security...
  • Blog Post: Capt I.M. Hardened OS-Microsoft

    Handle: Cap'n Steve IRL: Steve Adegbite Rank: Senior Security Program Manager Lead Likes: Reverse Engineering an obscene amount of code and ripping it up on a snowboard Dislikes: Not much but if you hear me growl…run Hey, Steve here. Just finally settling back in after traveling a bit...
  • Blog Post: Something Old, Something New, True Blue

    This year marks the tenth BlueHat at Microsoft, and my sixth round in participating in the event that has been so instrumental in keeping Microsoft developers and executives in touch with the pulse of security research outside Microsoft, and serves as one of the key crossroads for the exchange of ideas...
  • Blog Post: The EMET 2.0 Training Video has arrived!

    Hey there, I'm pleased to announce that the BlueHat team has partnered with the dynamic Microsoft Security Response Center (MSRC) Engineering duo of Andrew Roths and Fermin J. Serna on a training video previewing the new release, version 2.0, of the Enhanced Mitigation Experience Toolkit (EMET). This...
  • Blog Post: Black Hat USA: Hoping what happens in Vegas doesn’t actually stay in Vegas…

    Handle: Security Blanki IRL: Sarah Blankinship Rank: Senior Security Strategist Lead Likes: Vuln wrangling, teams of rivals, global climate change - the hotter the better Dislikes: Slack jawed gawkers (girls are geeks too!), customers @ risk, egos This week our team is preparing to travel...
  • Blog Post: New Year, New Security Foo

    Handle: Security Blanki IRL: Sarah Blankinship Rank: Senior Security Strategist Lead Likes: Vuln wrangling, teams of rivals, global climate change - the hotter the better Dislikes: Slack jawed gawkers (girls are geeks too!), customers @ risk, egos As we head into this new year, predictions...
  • Blog Post: SOURCE, Not Your Usual Boston Tea Party

    I recently returned from the second iteration of the SOURCE Boston computer security conference, and I must say, it was both an intimate conference of less than 250 folks and a high-caliber gathering. As with other conferences that the Microsoft Security Response Center (MSRC) co-sponsors, we see these...
  • Blog Post: Securing our Legacy

    Hi, this is Scott Stender from iSEC Partners. I recently had the privilege of speaking at Microsoft's BlueHat event in Brussels on the topic of securing legacy systems. With all of the recent coverage on the need to secure our networked systems -- national, corporate, and individual alike -- I felt...
  • Blog Post: Do you believe in ghosts?

    When I was a kid, I had nightmares every week. I still remember some of them vividly, particularly the ones where ghosts were involved. Not the typical ghosts from the movies , but ones that could not be seen, only heard and felt. Why would I be so frightened and still remember them “vividly” today?...
  • Blog Post: BlueHat v10 Shipping!

    Handle: Silver Surfer IRL: Mike Reavey Rank: Director, MSRC Likes: Warm weather, Battlestar Galactica, and responsibly reported vulnerabilities Dislikes: Rain, Rain without end, Clouds with potential for rain, reality TV, and unpatched vulns I’m here playing MC at the tenth edition...
  • Blog Post: Announcing BlueHat v10: A Security Odyssey

    BlueHat v10 is on the horizon and I’m happy to be able to announce the lineup. This year we’ll be hosting our annual conference on October 13-15 at the Microsoft campus here in Redmond and, with the success of last year’s con, we’re working overtime to make it the most robust...
  • Blog Post: BlueHat Security Forum: Buenos Aires Edition--Shipping!

    Handle: Silver Surfer IRL: Mike Reavey Rank: Director, MSRC Likes: Warm weather, Battlestar Galactica, and responsibly reported vulnerabilities Dislikes: Rain, Rain without end, Clouds with potential for rain, reality TV, and unpatched vulns I’m here at the second edition of the...