Blog – Page 18 – OWASP Jakarta

Congratulations to the MSRC 2023 Most Valuable Security Researchers! | MSRC Blog

Congratulations to the MSRC 2023 Most Valuable Security Researchers! | MSRC Blog The Microsoft Researcher Recognition Program offers public thanks and recognition to security researchers who help protect our customers through discovering and sharing security vulnerabilities under Coordinated Vulnerability Disclosure. Today, we are excited to recognize this year’s top 100 Read more

By adminowasp, 2 yearsNovember 5, 2023 ago

News

Updating our Vulnerability Severity Classification for AI Systems | MSRC Blog

Updating our Vulnerability Severity Classification for AI Systems | MSRC Blog The Microsoft Security Response Center (MSRC) is always looking for ways to provide clarity and transparency around how we assess the impact of vulnerabilities reported in our products and services. To this end, we are announcing the Microsoft Vulnerability Read more

By adminowasp, 2 years ago

News

Azure Serial Console Attack and Defense – Part 1 | MSRC Blog

Azure Serial Console Attack and Defense – Part 1 | MSRC Blog Ever had a virtual machine crash? Azure Serial console is a great way to directly connect to your Virtual machine and debug what went wrong. Azure Serial Console is a feature that’s available for free for everyone. While Read more

By adminowasp, 2 years ago

News

Results of Major Technical Investigations for Storm-0558 Key Acquisition | MSRC Blog

Results of Major Technical Investigations for Storm-0558 Key Acquisition | MSRC Blog On July 11, 2023, Microsoft published a blog post which details how the China-Based threat actor, Storm-0558, used an acquired Microsoft account (MSA) consumer key to forge tokens to access OWA and Outlook.com. Upon identifying that the threat Read more

By adminowasp, 2 years ago

News

Microsoft mitigated exposure of internal information in a storage account due to overly-permissive SAS token | MSRC Blog

Microsoft mitigated exposure of internal information in a storage account due to overly-permissive SAS token | MSRC Blog As part of a recent Coordinated Vulnerability Disclosure (CVD) report from Wiz.io, Microsoft investigated and remediated an incident involving a Microsoft employee who shared a URL for a blob store in a Read more

By adminowasp, 2 years ago

A person sitting at a computer Description automatically generated

News

Journey Down Under: How Rocco Became Australia’s Premier Hacker | MSRC Blog

Journey Down Under: How Rocco Became Australia’s Premier Hacker | MSRC Blog Fun facts about Rocco Calvi (@TecR0c): Microsoft MVR: Rocco is a 2023 Microsoft Most Valuable Researcher. Fitness fanatic: Inspired by old-school body building and countless hours of chopping and carrying wood in the mountains during his youth, Rocco Read more

By adminowasp, 2 yearsNovember 5, 2023 ago

News

Microsoft’s Response to Open-Source Vulnerabilities – CVE-2023-4863 and CVE-2023-5217 | MSRC Blog

Microsoft’s Response to Open-Source Vulnerabilities – CVE-2023-4863 and CVE-2023-5217 | MSRC Blog Microsoft is aware and has released patches associated with the two Open-Source Software security vulnerabilities, CVE-2023-4863 and CVE-2023-5217. Through our investigation, we found that these affect a subset of our products and as of today, we have addressed Read more

By adminowasp, 2 years ago

People working in a room Description automatically generated with medium confidence

News

Cybersecurity Awareness Month 2023: Elevating Security Together | MSRC Blog

Cybersecurity Awareness Month 2023: Elevating Security Together | MSRC Blog As the 20th anniversary of Cybersecurity Awareness Month begins, I find myself reflecting on the strides made since its inception. The journey to enhance and improve cybersecurity is ongoing and extends beyond October. It’s not merely a technological challenge; it is Read more

By adminowasp, 2 yearsNovember 5, 2023 ago

News

Microsoft Response to Distributed Denial of Service (DDoS) Attacks against HTTP/2 | MSRC Blog

Microsoft Response to Distributed Denial of Service (DDoS) Attacks against HTTP/2 | MSRC Blog Beginning in September 2023, Microsoft was notified by industry partners about a newly identified Distributed Denial-of-Service (DDoS) attack technique being used in the wild targeting HTTP/2 protocol. This vulnerability (CVE-2023-44487) impacts any internet exposed HTTP/2 endpoints. Read more

By adminowasp, 2 years ago

News

Introducing the Microsoft AI Bug Bounty Program featuring the AI-powered Bing experience | MSRC Blog

Introducing the Microsoft AI Bug Bounty Program featuring the AI-powered Bing experience | MSRC Blog Today at BlueHat we announced the new Microsoft AI bug bounty program with awards up to $15,000. This new bounty program features the AI-powered Bing experience as the first in scope product. The following products Read more

By adminowasp, 2 years ago