Microsoft BlueHat Blog

  • Can we secure cloud computing? Can we afford not to?

    There have been many disruptive innovations in the history of modern computing, each of them in some way impacting how we create, interact with, deliver, and consume information. The platforms and mechanisms used to process, transport, and store our information...
  • Collaborating on RIA Security

    Microsoft and Adobe frequently work together on security. At this year's BlueHat , we will come together to share our security research in the area of Rich Internet Applications (RIAs). While we independently place considerable thought and effort into...
  • Babel Hacking

    Hello world! Remember Mad Libs? How about Scrabble, when you'd try making up words that sound legit just to be de-bluffed by your friend. Playing these games provides endless hours of fun with words and letters. In software and the Internet, words, letters...
  • Attacking SMS

    This year at BlackHat USA in Las Vegas , we presented on the topic of attacking Short Message Service (SMS). Our presentation focused on the different ways in which SMS can be used to compromise mobile security. We’re excited to give an updated version...
  • The lighter side of the cloud

    Billy Rios here. I’m giving a talk this week along with Nate McFeters entitled, “ Sharing the Cloud with Your Enemy .” It’s a fun, realistic talk on security in the cloud. Why cloud computing? Cloud computing, software as a service, infrastructure...
  • Know thy Enemy

    I recently attended BlueHat for the second time and spoke about the SMS vulnerabilities Collin Mulliner and I discovered and exploited this summer. BlueHat is an interesting speaking venue because the audience consists entirely of Microsoft employees...
  • Ahn-young-ha-seh-yo & Kon-ni-chi-wa

    Hi! It's been a while since I've had a chance to blog about all the things we have been doing here. As travelling around to various security events is a big part of our mantra, I’ve been to Tokyo Japan for PacSec and Seoul, South Korea for POC 2009. Both were great conferences and had great security talks.


    PacSec had a lot of the Japanese security scene in attendance (the local powerhouses are pretty sharp and savvy) along with international researchers and past BlueHat speakers, Charlie Miller and Alex Stamos. Take a minute to check out archived presentations from our own Tony Lee introducing the SIRv7 and Jason Shirk discussing fuzzing strategies. But the biggest interest concerned mobile code threats such as malware and how the perimeter defenses are fading away as a viable protection. This seems to be a hot topic everywhere, so hot that the just wrapped-up BlueHat v9 con had an entire track dedicated to mobile security, and in June 2010, at the annual FIRST Conference, how the perimeter defenses are fading away will be the theme for the whole conference.

  • BlueHat v9 Brings the Looking Glass To You...

    Celene here from the MSRC Ecosystem Strategy Team. BlueHat v9: Through The Looking Glass ended just over a month ago and the success of the con lives on due to the outstanding training and networking between Microsoft employees, external speakers, and guests. I'm happy to say that the speaker video interviews and selected recorded presentations are now live on the BlueHat TechNet Page. As promised, we have posted talks from every track block. The samples available are from the e-crime, cloud, mobile and fuzzing content blocks.

    As you probably know by now, BlueHat is primarily about educating our own Microsoft population so we can better understand how to build more secure products. The more we know about the security ecosystem, the more we at Microsoft can truly comprehend and assess our security reality. Our secondary goals are to build bridges and bring transparency to the security community to facilitate positive information exchanges.

  • BlueHat v9 brings the looking glass to you

    Celene here from the MSRC Ecosystem Strategy Team. BlueHat v9: Through The Looking Glass ended just over a month ago and the success of the con lives on due to the outstanding training and networking between Microsoft employees, external speakers, and...
  • G’day mate, howsitgoing?

     G’day, or should I say howdy, y’all. As the newest member of the Microsoft EcoStrat team, I figured I would do a quick self-introduction before getting down to work. I am a Senior Security Strategist with the Microsoft Security Response Center (MSRC) based in Redmond. Prior to my big move to the USA, I was the Operations Manager of AusCERT in Australia (that’s the place that is famous for kangaroos and Tim Tams, to ensure you didn’t think I meant Austria!) My role here at Microsoft varies, but at the very top of my list is ensuring that Microsoft strengthens its relationship with the global community of national and government Computer Emergency Response Teams (CERTs).

  • There were dragons. Everywhere.

    Guten Morgen! Joe Hemmerlein hier vom Microsoft Security Response Center (MSRC). I just returned from Germany earlier this month, where I spent some time mingling with security researchers. It's customary that we share a bit of our experience at security conferences right here, on the EcoStrat blog - and this is my first posting.

  • BlueHat Security Forum: Buenos Aires Edition

     Hey Everyone!

    What speaks English, Portuguese and Spanish, has a hundred set of eyes, and battles in the defense of good against evil on a daily basis? No, it’s not the mythological Chupacabra ;-)—it’s the BlueHat Security Forum: Buenos Aires Edition. With the Forum ~5 weeks away I’m pleased to share the speaker line up and content details for what is sure to be a an eventful security briefing.

  • Do you believe in ghosts?

    When I was a kid, I had nightmares every week. I still remember some of them vividly, particularly the ones where ghosts were involved. Not the typical ghosts from the movies , but ones that could not be seen, only heard and felt. Why would I be so frightened...
  • Snowpacalypse Now (I love the smell of briefings in the morning)

    Hi All, This is Dustin and Karl from the Microsoft Security Response Center (MSRC). Recently, we were fortunate enough to attend the Black Hat DC 2010 conference held in Washington, D.C. We wanted to share our personal highlights from this great conference and provide a bit of a weather report too.


  • Pulling the curtains wide open…

    As you may know, the Microsoft Security Response Center (MSRC) EcoStrat blog has served to inform Microsoft customers, security professionals, IT Pros, and developers of the MSRC Ecosystem Strategy Team’s activities.  Our goal is to provide a deeper, more personal look into the work the Microsoft Security Response Center does to understand and help support an effective security ecosystem. We do this by showcasing particular individuals and insider stories to offer transparency around the complexity of the many challenges our community faces. We believe that by sharing our experiences, everyone can better understand the magnitude of the problems we face as a community, and how we can work together to mitigate them by helping build an army of defenders.

  • Parser Central: Microsoft .NET as a Security Component

    During the past decade or so, a significant portion of the computer industry has set out in a quest for secure software. That this sizable force of smart people with all their resources and market power has not yet brought us a secure and safe computing...
  • Who Gets It and Who Doesn’t? (Windows Genuine Advantage and Security Updates)

     One of the things I get to do in the Microsoft Security Response Center (MSRC) is talk to our customers and tell them about the process by which Microsoft identifies potential security vulnerabilities in its products, eliminates those vulnerabilities, and provides remediation and information to customers. In other words, I get to explain what I do for a living to anyone who will listen. I really enjoy doing this, because I find out first-hand what is most important to our customers as well as what questions they have about the Microsoft response process.

  • Numbers, Big Numbers, at the RSA Conference 2010

     San Francisco has always been a somewhat odd but pleasant outpost with an appeal that attracts people from all over. It was so in the late 1840s, when the prospects of gold lured people to the area, in a short time transforming the small settlement of San Francisco to a boomtown. More recently, many in the IT field have been attracted to San Francisco because of the pleasant weather, even in winter. And last week at the Moscone Center, in the buzzing SoMa neighborhood, was brought to town one of the largest security conferences in the world: RSA.

  • BlueHat Security Forum: Buenos Aires Edition--Shipping!

    I’m here at the second edition of the BlueHat Security Forum, this time in Buenos Aires. So far it is shaping up to be an immensely successful event. We started the day off with a welcome announcement from Hernán Rincón, president of Microsoft Latin America, and have more technical insights to come, some scary and some more reassuring, in the typical BlueHat fashion.

  • Heya! Hola and Olá!

    It was pretty fun sitting in the panel that kicked-off the first BlueHat Security Forum in Latin America and we are almost half-way through our day here in Buenos Aires. (Check out Mike Reavey’s EcoStrat Blog post for details about the panel.) It is...
  • Hacker Olympics: a shout-out from Vancouver, BC!

    CanSecWest is probably one of the most interesting conferences for the Microsoft Security Response Center (MSRC) team to attend. A leisurely two-and-a-half hour drive from our corporate headquarters it’s organized in the multi-cultural Canadian hub of Vancouver. Easy air connections to Europe, Asia, and anywhere in North America make it a yearly melting pot for capable security researchers from all over the world.

  • Thank you Buenos Aires!

    Hey Everyone,

    As I’m sure you are all well aware by now, the second installment of the BlueHat Security Forum: Buenos Argentina Edition shipped on March 18, 2010, and was a resounding success. For those of you first hearing about this BlueHat Forum, the event itself was an exclusive, invitation-only gathering of 100 select business decision-makers and security researchers from across Latin America.

  • Does Microsoft Change My Automatic Updates Settings?

    As a follow on to the WGA and Security Updates post by Dustin Childs, I wanted to address another common question we get regarding both security and non-security updates that customers receive from Microsoft through Windows Update or Microsoft Update. Customers sometimes feel that somehow the settings they chose in the update console have been changed. Most commonly, customers who have set the client to notify them before installing updates are now getting updates automatically without prompting.

  • Announcing: BlueHat v6!

    Andrew Cushman here. BlueHat is back in Redmond, as BlueHat v6: The Vuln Behind The Curtain opens September 27th and 28th. Once again we have two days of great security content that covers the spectrum of issues in security. The BlueHat speakers, both...
  • Pay no attention to that vuln behind the curtain

    Adam Shostack here, guest blogging for the BlueHat blog. As you may have seen from Andrew Cushman's post, the theme of this BlueHat is "The Vuln Behind the Curtain." I really like this theme, because it's part of a maturing in the way we're dealing...