Monday, September 25, 2023
Fun facts about Rocco Calvi (@TecR0c): Microsoft MVR: Rocco is a 2023 Microsoft Most Valuable Researcher. Fitness fanatic: Inspired by old-school body building and countless hours of chopping and carrying wood in the mountains during his youth, Rocco remains a fitness enthusiast, setting himself challenges and pushing his limits.
Tuesday, September 19, 2023
本ブログは、Microsoft mitigated exposure of internal information in a storage account due to overly-permissive SAS tokenの抄訳版です。最新の情報は原文を参
Monday, September 18, 2023
Summary Summary As part of a recent Coordinated Vulnerability Disclosure (CVD) report from Wiz.io, Microsoft investigated and remediated an incident involving a Microsoft employee who shared a URL for a blob store in a public GitHub repository while contributing to open-source AI learning models. This URL included an overly-permissive Shared Access Signature (SAS) token for an internal storage account.
Tuesday, September 12, 2023
2023 年 9 月 12 日 (米国時間) 、マイクロソフトは、マイクロソフト製品に影響する脆弱性を修正するために、セキ
Wednesday, September 06, 2023
On July 11, 2023, Microsoft published a blog post which details how the China-Based threat actor, Storm-0558, used an acquired Microsoft account (MSA) consumer key to forge tokens to access OWA and Outlook.com. Upon identifying that the threat actor had acquired the consumer key, Microsoft performed a comprehensive technical investigation into the acquisition of the Microsoft account consumer signing key, including how it was used to access enterprise email.
Wednesday, September 06, 2023
本ブログは、Results of Major Technical Investigations for Storm-0558 Key Acquisition の抄訳版です。最新の情報は原文を参照してください。 2023 年 7 月
