Browsing Category
Microsoft Security
90 posts
Microsoft guidance regarding credentials leaked to GitHub Actions Logs through Azure CLI
Summary Summary The Microsoft Security Response Center (MSRC) was made aware of a vulnerability where Azure Command-Line Interface…
Introducing the Microsoft AI Bug Bounty Program featuring the AI-powered Bing experience
Today at BlueHat we announced the new Microsoft AI bug bounty program with awards up to $15,000. This…
Cybersecurity Awareness Month 2023: Elevating Security Together
As the 20th anniversary of Cybersecurity Awareness Month begins, I find myself reflecting on the strides made since its…
Microsoft Response to Distributed Denial of Service (DDoS) Attacks against HTTP/2
Summary Summary Beginning in September 2023, Microsoft was notified by industry partners about a newly identified Distributed Denial-of-Service…
Results of Major Technical Investigations for Storm-0558 Key Acquisition
On July 11, 2023, Microsoft published a blog post which details how the China-Based threat actor, Storm-0558, used…
Microsoft mitigated exposure of internal information in a storage account due to overly-permissive SAS token
Summary Summary As part of a recent Coordinated Vulnerability Disclosure (CVD) report from Wiz.io, Microsoft investigated and remediated…
Journey Down Under: How Rocco Became Australia’s Premier Hacker
Fun facts about Rocco Calvi (@TecR0c): Microsoft MVR: Rocco is a 2023 Microsoft Most Valuable Researcher. Fitness fanatic:…
Microsoft’s Response to Open-Source Vulnerabilities – CVE-2023-4863 and CVE-2023-5217
Microsoft is aware and has released patches associated with the two Open-Source Software security vulnerabilities, CVE-2023-4863 and CVE-2023-5217.…
Updating our Vulnerability Severity Classification for AI Systems
The Microsoft Security Response Center (MSRC) is always looking for ways to provide clarity and transparency around how…
Congratulations to the MSRC 2023 Most Valuable Security Researchers!
The Microsoft Researcher Recognition Program offers public thanks and recognition to security researchers who help protect our customers…