Browse by Tags

Related Posts
  • Blog Post: Internet troubles in Korea? E-call center 118 is there to help.

    Handle: Cluster IRL: Maarten Van Horenbeeck Rank: Senior Program Manager Likes: Slicing covert channels, foraging in remote memory pools, and setting off page faults Dislikes: The crackling sound of crypto breaking, warm vodka martni Microsoft often has the pleasure of welcoming foreign...
  • Blog Post: Software Security == People && Process && Technology

    Mark Curphey here. I run the Subscriptions Engineering Team in Server & Tools Online, where we build complex customer facing web sites like MSDN and TechNet, supporting millions of users. For the last 15 years, I have always held security roles, most recently heading up the Information Security Tools...
  • Blog Post: From Bounties to the BlueHat Prize – Evolutionary Thinking in Valuing Security Research

    Handle: k8e IRL: Katie Moussouris Rank: Senior Security Strategist Lead, Head of Microsoft’s Security Community and Strategy Team Likes: Cool vulns, BlueHat, soldering irons, quantum teleportation Dislikes: Rudeness, socks-n-sandals, licorice Today on the MSRC blog , Matt Thomlinson announced...
  • Blog Post: Black Hat USA Spotlight: ATL Killbit Bypass

    There are only a few days left before Black Hat USA, and we, like most other speakers, are in the midst of the last-minute push to have all the materials finalized in time for our presentation. Our presentation this year, " The Language of Trust ," features a lot of material related to attacking software...
  • Blog Post: There were dragons. Everywhere.

    Handle: volty IRL: Joe Hemmerlein Rank: Security Grunt (aka Security Program Manager) Likes: Quality engineering, diverting things from their intended use, processes and tools Dislikes: Meat, speed limits, getting up in the morning Guten Morgen! Joe Hemmerlein hier vom Microsoft Security...
  • Blog Post: New Bounty Programs – One Week In

    Two weeks ago, Microsoft made an important evolutionary step in our work with the security community when we announced our first-ever bounty programs for security issues. One week ago, the Windows 8.1 Preview and Internet Explorer 11 Preview became available for download , and the doors officially opened...
  • Blog Post: Announcing BlueHat v9: Through the Looking Glass

    Handle: C-Lizzle IRL: Celene Temkin Rank: Program Manager 2 & BlueHat Project Manager Likes: Culinary warfare, BlueHat hackers and responsible disclosure Dislikes: Acts of hubris, MySpace, orange mocha Frappaccinos! BlueHat v9 will take place from October 21 to 23 at the Microsoft campus...
  • Blog Post: Does Microsoft Change My Automatic Updates Settings?

    Handle: Jman IRL: Jerry Bryant Rank: Group Manager, Response Communications Likes: Quad lattes, geek toys, responsible disclosure Dislikes: Tomatoes, slow drivers (frontgaters) As a follow on to the WGA and Security Updates post by Dustin Childs , I wanted to address another common...
  • Blog Post: Who Gets It and Who Doesn’t? (Windows Genuine Advantage and Security Updates)

    Handle: Mando Picker IRL: Dustin Childs Rank: Security Program Manager Likes: Protecting customers, working with security researchers, second Tuesdays, bourbon, mandolins Dislikes: Using "It's hard" as an excuse, quitting when it gets tough, banjos One of the things I get to do in the...
  • Blog Post: BlueHat v9 Brings the Looking Glass To You...

    Handle: C-Lizzle IRL: Celene Temkin Rank: Program Manager 2 & BlueHat Project Manager Likes: Culinary warfare, BlueHat hackers and responsible disclosure Dislikes: Acts of hubris, MySpace, orange mocha Frappaccinos! Celene here from the MSRC Ecosystem Strategy Team. BlueHat v9: Through...
  • Blog Post: The Rapidly Evolving Exploitation Playground

    Hey there, Vincenzo and Fermin here! Next week we will be giving two talks at BlueHat . Vincenzo will be talking with Tim Kornau, Ralf Philipp Weinmann, and Thomas Dullien, about return-oriented programming and how to automate the creation of ROP payloads. Also, Fermin and Andrew Roths will be talking...
  • Blog Post: MAPP – An Insider's view

    Intro Matt Watchinski here, Senior Director, Sourcefire Vulnerability Research Team (VRT). It’s that time of year again. The mercury is soaring above 100F, and I am crammed onto a “flying bus” heading out to Las Vegas to attend this year’s iteration of the Black Hat and DEF...
  • Blog Post: The lighter side of the cloud

    Billy Rios here. I’m giving a talk this week along with Nate McFeters entitled, “ Sharing the Cloud with Your Enemy .” It’s a fun, realistic talk on security in the cloud. Why cloud computing? Cloud computing, software as a service, infrastructure as a service, platform as a service… with so many...
  • Blog Post: Hack.lu: Why it’s all about building bridges

    Handle: Cluster IRL: Maarten Van Horenbeeck Rank: Senior Program Manager Likes: Slicing covert channels, foraging in remote memory pools, and setting off page faults Dislikes: The crackling sound of crypto breaking, warm vodka martni “We want to remain what we are” (“Mir...
  • Blog Post: !exploitable Crash Analyzer Now Available

    At BlueHat v8 in October 2008, Dave Weinstein, Jason Shirk and Lars Opstad presented the topic of when it’s okay to stop fuzzing ( Fuzzed Enough? When It’s OK to Put the Shears Down ). As part of that presentation, Dave talked about a technique used within Microsoft for triaging and categorizing crashes...
  • Blog Post: Something Old, Something New, True Blue

    This year marks the tenth BlueHat at Microsoft, and my sixth round in participating in the event that has been so instrumental in keeping Microsoft developers and executives in touch with the pulse of security research outside Microsoft, and serves as one of the key crossroads for the exchange of ideas...
  • Blog Post: The EMET 2.0 Training Video has arrived!

    Hey there, I'm pleased to announce that the BlueHat team has partnered with the dynamic Microsoft Security Response Center (MSRC) Engineering duo of Andrew Roths and Fermin J. Serna on a training video previewing the new release, version 2.0, of the Enhanced Mitigation Experience Toolkit (EMET). This...
  • Blog Post: Getting Into Information Security Intelligence Gathering: A BlueHat v10 Retrospective from Speakers Ian Iftach Amit and Fyodor Yarochkin

    Ian: Having a mild case of "professional ADHD" is probably what got me started on this whole "cyber" thing. Having done research, development, integration and consulting in the past, I was starting to get too many unanswered questions in my mind when dealing with customers and individuals who were being...
  • Blog Post: BlueHat Prize entries: The final tally is…

    Handle: k8e IRL: Katie Moussouris Rank: Senior Security Strategist Lead, Head of Microsoft’s Security Community and Strategy Team Likes: Cool vulns, BlueHat, soldering irons, quantum teleportation Dislikes: Rudeness, socks-n-sandals, licorice The entries are in! After a last-minute wave of fresh...
  • Blog Post: Do you believe in ghosts?

    When I was a kid, I had nightmares every week. I still remember some of them vividly, particularly the ones where ghosts were involved. Not the typical ghosts from the movies , but ones that could not be seen, only heard and felt. Why would I be so frightened and still remember them “vividly” today?...
  • Blog Post: BlueHat v10 Shipping!

    Handle: Silver Surfer IRL: Mike Reavey Rank: Director, MSRC Likes: Warm weather, Battlestar Galactica, and responsibly reported vulnerabilities Dislikes: Rain, Rain without end, Clouds with potential for rain, reality TV, and unpatched vulns I’m here playing MC at the tenth edition...
  • Blog Post: Announcing BlueHat v10: A Security Odyssey

    BlueHat v10 is on the horizon and I’m happy to be able to announce the lineup. This year we’ll be hosting our annual conference on October 13-15 at the Microsoft campus here in Redmond and, with the success of last year’s con, we’re working overtime to make it the most robust...
  • Blog Post: BlueHat Security Forum: Buenos Aires Edition--Shipping!

    Handle: Silver Surfer IRL: Mike Reavey Rank: Director, MSRC Likes: Warm weather, Battlestar Galactica, and responsibly reported vulnerabilities Dislikes: Rain, Rain without end, Clouds with potential for rain, reality TV, and unpatched vulns I’m here at the second edition of the...
  • Blog Post: Heya! Hola and Olá!

    It was pretty fun sitting in the panel that kicked-off the first BlueHat Security Forum in Latin America and we are almost half-way through our day here in Buenos Aires. (Check out Mike Reavey’s EcoStrat Blog post for details about the panel.) It is always great to see old friends from the ecosystem...
  • Blog Post: Collaborating on RIA Security

    Microsoft and Adobe frequently work together on security. At this year's BlueHat , we will come together to share our security research in the area of Rich Internet Applications (RIAs). While we independently place considerable thought and effort into our respective security models, attackers often look...