Thursday, October 13, 2022
Introduction Cobalt Strike is a commercial Command and Control framework built by Helpsystems. You can find out more about Cobalt Strike on the MITRE ATT&CK page. But it can also be used by real adversaries. In this post we describe how to use RiskIQ and other Microsoft technologies to see if you have Cobalt Strike payloads (also called “beacons”) in your network.
Wednesday, October 12, 2022
At MSRC, we are passionate about ensuring our customers have a positive experience when they use the Microsoft Security Update Guide (SUG). A big part of improving that experience is ensuring that customers have timely and easily accessible notifications. As such we have two important announcements to share about changes to the way we provide notifications.
Tuesday, October 11, 2022
2022 年 10 月 11 日 (米国時間) 、マイクロソフトは、マイクロソフト製品に影響する脆弱性を修正するために、セキ
Friday, September 30, 2022
November 8, 2022 update - Microsoft released security updates for CVE-2022-41040 and CVE-2022-41082. We recommend that customers protect their organizations by applying the updates immediately to affected systems. The options described in the Mitigations section are no longer recommended. For more information, review the Exchange Team blog. Summary On November 8 Microsoft released security updates for two zero-day vulnerabilities affecting Microsoft Exchange Server 2013, Exchange Server 2016, and Exchange Server 2019.
Friday, September 30, 2022
本ブログは、Customer Guidance for Reported Zero-day Vulnerabilities in Microsoft Exchange Serverの抄訳版です。最新の情報は原文を参照してくだ
Tuesday, September 20, 2022
本ブログは、Defense-in-Depth Updates for Azure Identity SDK and Azure Key Vault SDK plus Best Practice Implementation Guidance の抄訳版です。最新の情報は
Tuesday, September 20, 2022
Summary Today, Microsoft released new versions of the Azure Key Vault libraries and Azure Identity libraries as part of the Azure Software Development Kit (SDK) that includes defense-in-depth feature improvements. We also published best practice guidance to help protect applications and services that allow externally controlled input into the Azure Key Vault client URI for processing.
Tuesday, September 13, 2022
2022 年 9 月 13 日 (米国時間)、マイクロソフトは、マイクロソフト製品に影響する脆弱性を修正するために、セキ
Monday, September 12, 2022
本ブログは、Curious, Innovative, Creative, Community Driven: Meet Cyb3rWard0g, Roberto Rodriquez の抄訳版です。最新の情報は原文を参照してください。 大きく
Wednesday, September 07, 2022
When I grow up I want to be? Dancer or a veterinarian Happiest memories: Tearing up the dance floor at weddings and playing soccer in the streets of Lima, Peru Previous Job roles : Mopped floors for McDonalds, packed boxes at an Avon warehouse, Manager at Olive Garden, Beer taster/server and then dove into tech and security
