Microsoft Security 今日热榜



最新

1.	Announcing BlueHat 2024: Call for Papers now open	
2.	Congratulations to the MSRC 2024 Most Valuable Security Researchers!	
3.	Microsoft Bounty Program Year in Review: $16.6M in Rewards	
4.	Introducing the MSRC Researcher Resource Center	
5.	Congratulations to the Top MSRC 2024 Q2 Security Researchers!	
6.	Announcing the CVRF API 3.0 upgrade	
7.	What’s new in the MSRC Report Abuse Portal and API	
8.	Toward greater transparency: Unveiling Cloud Service CVEs	
9.	Mitigating SSRF Vulnerabilities Impacting Azure Machine Learning	
10.	Improved Guidance for Azure Network Service Tags	
11.	Congratulations to the Top MSRC 2024 Q1 Security Researchers!	
12.	Toward greater transparency: Adopting the CWE standard for Microsoft CVEs	
13.	Embracing innovation: Derrick’s transition from banking to Microsoft’s Threat Intelligence team	
14.	Update on Microsoft Actions Following Attack by Nation State Actor Midnight Blizzard	
15.	Faye’s Journey: From Security PM to Diversity Advocate at Microsoft	
16.	Microsoft boosts its Microsoft 365 Insider Builds on Windows Bounty Program with higher awards and an expanded scope	
17.	From Indiana Jones to Cybersecurity: The Inspiring Journey of Devin	
18.	An Obsession With Impact: The Inspiring Journey of a Dreamer That Led to a Career at Microsoft	
19.	New Security Advisory Tab Added to the Microsoft Security Update Guide	
20.	Congratulations to the Top MSRC 2023 Q4 Security Researchers!	
21.	Microsoft Actions Following Attack by Nation State Actor Midnight Blizzard	
22.	BlueHat India Call for Papers is Now Open!	
23.	Microsoft addresses App Installer abuse	
24.	Azure Serial Console Attack and Defense - Part 2	
25.	Introducing the Microsoft Defender Bounty Program	
26.	Celebrating ten years of the Microsoft Bug Bounty program and more than $60M awarded	
27.	Reflecting on 20 years of Patch Tuesday	
28.	Microsoft guidance regarding credentials leaked to GitHub Actions Logs through Azure CLI	
29.	Congratulations to the Top MSRC 2023 Q3 Security Researchers!	
30.	Introducing the Microsoft AI Bug Bounty Program featuring the AI-powered Bing experience	
31.	Microsoft Response to Distributed Denial of Service (DDoS) Attacks against HTTP/2	
32.	Cybersecurity Awareness Month 2023: Elevating Security Together	
33.	Microsoft’s Response to Open-Source Vulnerabilities - CVE-2023-4863 and CVE-2023-5217	
34.	Journey Down Under: How Rocco Became Australia’s Premier Hacker	
35.	Microsoft mitigated exposure of internal information in a storage account due to overly-permissive SAS token	
36.	Results of Major Technical Investigations for Storm-0558 Key Acquisition	
37.	Azure Serial Console Attack and Defense - Part 1	
38.	Updating our Vulnerability Severity Classification for AI Systems	
39.	Congratulations to the MSRC 2023 Most Valuable Security Researchers!	
40.	Microsoft Bug Bounty Program Year in Review: $13.8M in Rewards	
41.	Microsoft mitigates Power Platform Custom Code information disclosure vulnerability	
42.	BlueHat October 2023 Call for Papers is Now Open!	
43.	Updated Researcher Portal Submission Form: Discover the New Fields in the Submission Form	
44.	From Bounty Leaderboards to Microsoft Security Researcher, Meet Cameron Vincent!	
45.	What to expect when reporting vulnerabilities to Microsoft	
46.	Congratulations to the Top MSRC 2023 Q2 Security Researchers!	
47.	Microsoft mitigates China-based threat actor Storm-0558 targeting of customer email	
48.	Breaking Barriers: Aditi’s Journey Through Sight Loss to Microsoft AI Innovator	
49.	Potential Risk of Privilege Escalation in Azure AD Applications	
50.	Microsoft Response to Layer 7 Distributed Denial of Service (DDoS) Attacks	
51.	Microsoft mitigates set of cross-site scripting (XSS) vulnerabilities in Azure Bastion and Azure Container Registry	
52.	Hey Yara, find some vulnerabilities	
53.	Announcing The BlueHat Podcast: Listen and Subscribe Now!	
54.	Guidance related to Secure Boot Manager changes associated with CVE-2023-24932	
55.	Microsoft Vulnerability Severity Classification for Online Services Publication	
56.	Congratulations to the Top MSRC 2023 Q1 Security Researchers!	
57.	Best practices regarding Azure Storage Keys, Azure Functions, and Azure Role Based Access	
58.	Guidance on Potential Misconfiguration of Authorization of Multi-Tenant Applications that use Azure AD	
59.	Microsoft Mitigates Outlook Elevation of Privilege Vulnerability	
60.	Configuring host-level audit logging for AKS VMSS	
61.	Azure Kubernetes Service (AKS) Threat Hunting	
62.	First steps in CHERIoT Security Research	
63.	New MSRC Blog Site	
64.	BlueHat 2023: Connecting the security research community with Microsoft	
65.	Microsoft Investigation - Threat actor consent phishing campaign abusing the verified publisher process	
66.	Congratulations to the Top MSRC 2022 Q4 Security Researchers!	
67.	Microsoft resolves four SSRF vulnerabilities in Azure cloud services	
68.	Publishing CBL-Mariner CVEs on the Security Update Guide CVRF API	
69.	Security Update Guide Improvement – Representing Hotpatch Updates	
70.	BlueHat 2023: Applications to Attend NOW OPEN!	
71.	A Ride on the Wild Side with Hacking Heavyweight Sick Codes	
72.	Announcing the Microsoft Machine Learning Membership Inference Competition (MICO)	
73.	Awareness and guidance related to OpenSSL 3.0 - 3.0.6 risk (CVE-2022-3786 and CVE-2202-3602)	
74.	Microsoft Mitigates Vulnerability in Jupyter Notebooks for Azure Cosmos DB	
75.	Reflecting on Cybersecurity Awareness Month: At its Core, Cybersecurity is all about People	
76.	Congratulations to the Top MSRC 2022 Q3 Security Researchers!	
77.	Investigation Regarding Misconfigured Microsoft Storage Location	
78.	Awareness and guidance related to potential Service Fabric Explorer (SFX) v1 web client risk	
79.	Hunting for Cobalt Strike: Mining and plotting for fun and profit	
80.	BlueHat 2023 Call for Papers is Now Open!	
81.	Improvements in Security Update Notifications Delivery - And a New Delivery Method	
82.	Customer Guidance for Reported Zero-day Vulnerabilities in Microsoft Exchange Server	
83.	Defense-in-Depth Updates for Azure Identity libraries and Azure Key Vault libraries within Azure SDK plus Best Practice Implementation Guidance	
84.	Curious, Innovative, Creative, Community Driven: Meet Cyb3rWard0g, Roberto Rodriquez	
85.	What’s the smallest variety of CHERI?	
86.	Vulnerability Fixed in Azure Synapse Spark	
87.	Microsoft Bug Bounty Programs Year in Review: $13.7M in Rewards	
88.	Security Update Guide Notification System News: Create your profile now	
89.	Microsoft Office to publish symbols starting August 2022	
90.	Congratulations to the MSRC 2022 Most Valuable Researchers!	
91.	Anatomy of a Cloud-Service Security Update	
92.	Congratulations to the Top MSRC 2022 Q2 Security Researchers!	
93.	Mitigation for Azure Storage SDK Client-Side Encryption Padding Oracle Vulnerability	
94.	All Hands-on Deck: A Whole-of-Society Approach for Cybersecurity	
95.	Microsoft Mitigates Azure Site Recovery Vulnerabilities	
96.	Service Fabric Privilege Escalation from Containerized Workloads on Linux	
97.	A Man of Action: Meet Callum Carney	
98.	Guidance for CVE-2022-30190 Microsoft Support Diagnostic Tool Vulnerability	
99.	New Research Paper: Pre-hijacking Attacks on Web User Accounts	
100.	Researcher Spotlight: Hector Peralta’s Evolution from Popcorn Server to the MSRC Leaderboards	

更新于 36 分钟前

近期历史最近 100 条记录

2024-08-08	Announcing BlueHat 2024: Call for Papers now open		
2024-08-07	Congratulations to the MSRC 2024 Most Valuable Security Researchers!		
2024-08-06	Microsoft Bounty Program Year in Review: $16.6M in Rewards		
2024-08-01	Introducing the MSRC Researcher Resource Center		
2024-07-25	Congratulations to the Top MSRC 2024 Q2 Security Researchers!		
2024-07-12	Announcing the CVRF API 3.0 upgrade		
2024-07-04	What’s new in the MSRC Report Abuse Portal and API		
2024-06-28	Toward greater transparency: Unveiling Cloud Service CVEs		
2024-06-18	Mitigating SSRF Vulnerabilities Impacting Azure Machine Learning		
2024-06-03	Improved Guidance for Azure Network Service Tags		
2024-04-18	Congratulations to the Top MSRC 2024 Q1 Security Researchers!		
2024-04-10	Toward greater transparency: Adopting the CWE standard for Microsoft CVEs	tatersolid	
2024-04-04	Embracing innovation: Derrick’s transition from banking to Microsoft’s Threat Intelligence team		
2021-03-25	Introducing Bounty Awards for Teams Desktop Client Security Research	MSRC ‧ Lynn Miyashita	
2021-03-17	Guidance for responders: Investigating and remediating on-premises Exchange Server vulnerabilities	MSRC ‧ MSRC Team	
2021-03-16	One-Click Microsoft Exchange On-Premises Mitigation Tool – March 2021	MSRC ‧ MSRC Team	
2021-03-06	Microsoft Exchange Server Vulnerabilities Mitigations – updated March 15, 2021	MSRC ‧ MSRC Team	
2021-03-04	A new experience for reporting copyright or trademark infringement on Microsoft Services	MSRC ‧ MSRC Team	
2021-03-03	On-Premises Exchange Server Vulnerabilities Resource Center – updated March 25, 2021	MSRC ‧ MSRC Team	
2021-02-19	Microsoft Internal Solorigate Investigation – Final Update	MSRC ‧ MSRC Team	
2021-02-11	MSRC Security Researcher Recognition: 2021	MSRC ‧ Sylvie Liu	
2021-02-10	Multiple Security Updates Affecting TCP/IP:  CVE-2021-24074, CVE-2021-24094, and CVE-2021-24086	MSRC ‧ MSRC Team	
2021-02-10	Continuing to Listen: Good News about the Security Update Guide API!	MSRC ‧ Lisa Olson	
2021-02-02	New and Improved Report Abuse Portal and API!	MSRC ‧ MSRC Team	
2021-01-15	Netlogon Domain Controller Enforcement Mode is enabled by default beginning with the February 9, 2021 Security Update, related to CVE-2020-1472	MSRC ‧ Aanchal Gupta	
2021-01-15	Top MSRC 2020 Q4 Security Researchers – Congratulations!	MSRC ‧ Lynn Miyashita	
2021-01-14	Security Update Guide Supports CVEs Assigned by Industry Partners	MSRC ‧ MSRC Team	
2021-01-12	Building Faster AMD64 Memset Routines	pjmlp	
2021-01-01	Microsoft Internal Solorigate Investigation Update	MSRC ‧ MSRC Team	
2020-12-22	Solorigate Resource Center – updated February 5, 2021	MSRC ‧ MSRC Team	
2020-12-14	Customer Guidance on Recent Nation-State Cyber Attacks	MSRC ‧ msrc	
2020-12-09	Security Update Guide: Let’s keep the conversation going	MSRC ‧ MSRC Team	
2020-11-10	Vulnerability Descriptions in the New Version of the Security Update Guide	MSRC ‧ MSRC Team	
2020-10-30	Attacks exploiting Netlogon vulnerability (CVE-2020-1472)	MSRC ‧ Aanchal Gupta	
2020-10-16	Announcing the Top MSRC 2020 Q3 Security Researchers	MSRC ‧ Sylvie Liu	
2020-10-15	Security Analysis of CHERI ISA	Security Research & Defense ‧ MSRC Team	
2020-10-07	Concluding the Azure Sphere Security Research Challenge, Microsoft Awards $374,300 to Global Security Research Community	MSRC ‧ Sylvie Liu	
2020-09-22	New and improved Security Update Guide!	MSRC ‧ msrc	
2020-09-22	What to Expect When Reporting Vulnerabilities to Microsoft	MSRC ‧ MSRC Team	
2020-08-18	Control Flow Guard for Clang/LLVM and Rust	Security Research & Defense ‧ MSRC Team	
2020-08-06	Congratulations to the MSRC’s 2020 Most Valuable Security Researchers	MSRC ‧ Sylvie Liu	
2020-08-04	Microsoft Bug Bounty Programs Year in Review: $13.7M in Rewards	MSRC ‧ Jarek Stanley	
2020-08-04	Microsoft Joins Open Source Security Foundation	MSRC ‧ MSRC Team	
2020-07-31	Black Hat 2020: See you in the Cloud!	MSRC ‧ MSRC Team	
2020-07-25	Updates to the Windows Insider Preview Bounty Program	MSRC ‧ MSRC Team	
2020-07-16	Top MSRC 2020 Q2 Security Researchers Announced – Congratulations!	MSRC ‧ Sylvie Liu	
2020-07-15	July 2020 Security Update: CVE-2020-1350 Vulnerability in Windows Domain Name System (DNS) Server	MSRC ‧ MSRC Team	
2020-07-03	Solving Uninitialized Kernel Pool Memory on Windows	MSRC ‧ Joe Bialek	
2020-06-02	Machine Learning Security Evasion Competition 2020 Invites Researchers to Defend and Attack	MSRC ‧ Jarek Stanley	
2020-05-14	Solving Uninitialized Stack Memory on Windows	Security Research & Defense ‧ Joe Bialek	
2020-05-06	Azure Sphere Security Research Challenge Now Open	MSRC ‧ Sylvie Liu	
2020-04-29	The Safety Boat: Kubernetes and Rust	Security Research & Defense ‧ MSRC Team	
2020-04-24	Congratulating Our Top 2020 Q1 Security Researchers!	MSRC ‧ MSRC Team	
2020-03-26	March 2020 security updates are available	MSRC ‧ MSRC Team	
2020-03-26	Calling for security research in Azure Sphere, now generally available	MSRC ‧ MSRC Team	
2020-03-26	February 2020 security updates are available	MSRC ‧ MSRC Team	
2020-03-26	Recognizing Security Researchers in 2020	MSRC ‧ MSRC Team	
2020-03-26	Announcing MSRC 2019 Q4 Security Researcher Leaderboard	MSRC ‧ MSRC Team	
2020-03-26	January 2020 Security Updates: CVE-2020-0601	MSRC ‧ MSRC Team	
2020-03-26	January 2020 security updates are available!	MSRC ‧ MSRC Team	
2020-03-26	Announcing the Microsoft Identity Research Project Grant	MSRC ‧ Chloé Brown	
2020-03-26	Announcing the Xbox Bounty program	MSRC ‧ Chloé Brown	
2020-03-26	Access Misconfiguration for Customer Support Database	MSRC ‧ MSRC Team	