Month Archives: November 2023

Introducing the Microsoft Defender Bounty Program

Tuesday, November 21, 2023

We are excited to announce the new Microsoft Defender Bounty Program with awards of up to $20,000 USD. The Microsoft Defender brand encompasses a variety of products and services designed to enhance the security of the Microsoft customer experience. The Microsoft Defender Bounty Program invites researchers across the globe to identify vulnerabilities in Defender products and services and share them with our team.

Read More

• Security Researcher
• Security Research
• Bounty
• Bug Bounty
• Community-based Defense

Microsoft Defender の報奨金プログラムの紹介

Tuesday, November 21, 2023

本ブログは、Introducing the Microsoft Defender Bounty Program の抄訳版です。最新の情報は原文を参照してください。 最高 20,000

Read More

• セキュリティ研修者
• セキュリティ研究
• 報奨金
• バグ報奨金
• コミュニティ型ディフェンス

Patch Tuesday の20年を振り返る

Tuesday, November 21, 2023

本ブログは、Reflecting on 20 years of Patch Tuesday の抄訳版です。最新の情報は原文を参照してください。 今年は

Read More

• 月例 セキュリティ更新プログラム
• セキュリティ更新プログラムガイド

マイクロソフト バグ報奨金プログラムの 10 周年と 6,000 万ドル以上の賞金を祝う

Tuesday, November 21, 2023

本ブログは、Celebrating ten years of the Microsoft Bug Bounty program and more than $60M awarded の抄訳版です。最新の情報は原文を参照して

Read More

• バグ報奨金プログラム
• セキュリティ研究者

Celebrating ten years of the Microsoft Bug Bounty program and more than $60M awarded

Monday, November 20, 2023

This year marks the tenth anniversary of the Microsoft Bug Bounty Program, an essential part of our proactive strategy to protect customers from security threats. Since its inception in 2013, Microsoft has awarded more than $60 million to thousands of security researchers from 70 countries. These individuals have discovered and reported vulnerabilities under Coordinated Vulnerability Disclosure, aiding Microsoft in navigating the continuously evolving security threat landscape and emerging technologies.

Read More

• Bug Bounty
• Security Researcher

Reflecting on 20 years of Patch Tuesday

Friday, November 17, 2023

This year is a landmark moment for Microsoft as we observe the 20th anniversary of Patch Tuesday updates, an initiative that has become a cornerstone of the IT world’s approach to cybersecurity. Originating from the Trustworthy Computing memo by Bill Gates in 2002, our unwavering commitment to protecting customers continues to this day and is reflected in Microsoft’s Secure Future Initiative announced this month.

Read More

• Update Tuesday
• Security Update Guide

2023 年 11 月のセキュリティ更新プログラム (月例)

Tuesday, November 14, 2023

2023 年 11 月 14 日 (米国時間) 、マイクロソフトは、マイクロソフト製品に影響する脆弱性を修正するために、セキ

Read More

• アドバイザリ
• セキュリティ更新
• セキュリティ更新プログラム
• 月例セキュリティ更新日

Azure CLI 経由で GitHub Actions Log に流出した認証情報に関するマイクロソフトのガイダンス

Tuesday, November 14, 2023

本ブログは、Microsoft guidance regarding credentials leaked to GitHub Actions Logs through Azure CLI の抄訳版です。最新の情報は原文を参照してください

Read More

• Azure
• 協調的脆弱性開示
• セキュリティ研究者

Microsoft guidance regarding credentials leaked to GitHub Actions Logs through Azure CLI

Tuesday, November 14, 2023

Summary The Microsoft Security Response Center (MSRC) was made aware of a vulnerability where Azure Command-Line Interface (CLI) could expose sensitive information, including credentials, through GitHub Actions logs. The researcher, from Palo Alto Networks Prisma Cloud, found that Azure CLI commands could be used to show sensitive data and output to Continuous Integration and Continuous Deployment (CI/CD) logs.

Read More

• Azure
• Coordinated Vulnerability Disclosure
• Security Researcher

セキュリティ更新プログラム リリース スケジュール (2024 年)

Tuesday, November 14, 2023

2024 年のセキュリティ更新プログラムの公開予定日は下記のとおりです。更新プログラムの評価、テスト、適用の

Read More

• セキュリティ情報
• セキュリティ更新
•