2023

Microsoft Response to Layer 7 Distributed Denial of Service (DDoS) Attacks

Friday, June 16, 2023

Summary Beginning in early June 2023, Microsoft identified surges in traffic against some services that temporarily impacted availability. Microsoft promptly opened an investigation and subsequently began tracking ongoing DDoS activity by the threat actor that Microsoft tracks as Storm-1359. These attacks likely rely on access to multiple virtual private servers (VPS) in conjunction with rented cloud infrastructure, open proxies, and DDoS tools.

レイヤー7の分散型サービス拒否 (DDoS) 攻撃に対するマイクロソフトの対応について

Friday, June 16, 2023

本ブログは、Microsoft Response to Layer 7 Distributed Denial of Service (DDoS) Attacks の抄訳版です。最新の情報は原文を参照してください。

Microsoft mitigates set of cross-site scripting (XSS) vulnerabilities in Azure Bastion and Azure Container Registry

Wednesday, June 14, 2023

Summary Microsoft recently mitigated a set of cross-site scripting vulnerabilities affecting Azure Bastion and Azure Container Registry (ACR). Exploitation of these vulnerabilities could have potentially allowed for an unauthorized user to gain access to a target user’s session within the compromised Azure service, and subsequently lead to data tampering or resource modification.

マイクロソフトは、Azure Bastion と Azure Container Registry におけるクロスサイトスクリプティング（XSS）脆弱性を緩和しました。

Wednesday, June 14, 2023

本ブログは、Microsoft mitigates set of cross-site scripting (XSS) vulnerabilities in Azure Bastion and Azure Container Registryの抄訳版です。最新の情報は原

2023 年 6 月のセキュリティ更新プログラム (月例)

Tuesday, June 13, 2023

2023 年 6 月 13 日 (米国時間) 、マイクロソフトは、マイクロソフト製品に影響する脆弱性を修正するために、セキ

• アドバイザリ
• セキュリティ更新
• セキュリティ更新プログラム
• 月例セキュリティ更新日

Hey Yara, find some vulnerabilities

Thursday, June 08, 2023

Intro Finding vulnerabilities in software is no easy task by itself. Doing this at cloud scale is very challenging to perform manually, and we use tools to help us identify patterns or vulnerability signatures. Yara is one of those tools. Yara is a very popular tool with Blue teams, malware researchers, and for good reason.

• Vulnerability
• Security Research
• Yara
• Static Code Analysis

Announcing The BlueHat Podcast: Listen and Subscribe Now!

Wednesday, May 17, 2023

Available today on all major podcast platforms is The BlueHat Podcast, a new series of security research focused conversations, continuing the themes from the BlueHat 2023 conference (session recordings available to watch here). Since 2005, BlueHat has been where the security research community, and Microsoft, come together as peers: to debate, discuss, share, challenge, celebrate and learn.

• BlueHat

2023 年 5 月のセキュリティ更新プログラム (月例)

Tuesday, May 09, 2023

2023 年 5 月 9 日 (米国時間)、マイクロソフトは、マイクロソフト製品に影響する脆弱性を修正するために、セキ

• アドバイザリ
• セキュリティ更新
• セキュリティ更新プログラム
• 月例セキュリティ更新日

CVE-2023-24932 に関連するセキュア ブート マネージャーの変更に関するガイダンス

Tuesday, May 09, 2023

本ブログは、Guidance related to Secure Boot Manager changes associated with CVE-2023-24932 の抄訳版です。最新の情報は原文を参照してください。 概要

Guidance related to Secure Boot Manager changes associated with CVE-2023-24932

Tuesday, May 09, 2023

Summary Today, Microsoft is releasing CVE-2023-24932, and associated configuration guidance, to address a Secure Boot bypass vulnerability used by the BlackLotus bootkit to exploit CVE-2022-21894. Customers will need to closely follow the configuration guidance to fully protect against this vulnerability. This vulnerability allows an attacker to execute self-signed code at the Unified Extensible Firmware Interface (UEFI) level while Secure Boot is enabled.