Thursday, October 09, 2008
Hello, Bill here. I wanted to let you know that we just posted our Advance Notification for next week’s bulletin release which will occur on Tuesday, Oct. 14, 2008 around 10 a.m. Pacific Standard Time. It is important to remember that while the information posted below is intended to help with your planning, because it is preliminary information, it is subject to change.
Thursday, October 09, 2008
Hello, Bill here, I wanted to let you know that we have just updated Microsoft Security Advisory (951306). Exploit code has been published on the Internet for the vulnerability addressed by this Advisory. Our investigation has shown that it does not affect customers who have applied the workarounds listed in the Advisory.
Tuesday, October 07, 2008
Handle: C-Lizzle IRL: Celene Temkin Rank: BlueHat Project Manager Likes: Culinary warfare, BlueHat hackers and responsible disclosure Dislikes: Acts of hubris, MySpace, orange mocha Frappaccinos! Hopefully by now you’ve seen the lead in to BlueHat v8 blog post, the official announcement post, and perused the spiffy, revamped BlueHat page. I’m truly amazed to see how the content has shaped up as we approach the final countdown to BlueHat v8: C3P0wned on October 16-17.
Monday, October 06, 2008
Working to find bugs in the software security industry is much like prospecting for natural resources. An engineer takes a high level view of an unknown piece of territory to determine the lay of the land and narrow down the geography into a few key locations of interest using intuition, experience, and macro-scale information.
Monday, September 29, 2008
Another six months has passed – must be time for BlueHat, Microsoft’s internal security conference. This one is shaping up to be an interesting one. The early BlueHats were all about the raw technology – Shok blowing out the memory manager, Brett Moore facepalming over yet another file format vulnerability. But determining vulnerability requires more than just understanding technology.
Monday, September 22, 2008
The Wikipedia page for Natural Language Processing (not the Darren Brown stuff) describes it as “a subfield of artificial intelligence and computational linguistics.” So why am I discussing this on the BlueHat blog? If, like me, you sucked at linguistics in school, you might think that it has no place in IT security.
Friday, September 19, 2008
Handle: Zot IRL: Zot O’Connor Rank: Program Manager 2 Likes: Taking on the enemy with partners, Automating processes, good scotch and bourbon Dislikes: Poor reporting, FUD, miscreants, dangling participles Well it’s been a busy week at GOVCERT.NL Symposium 2008. I thank the wonderful people at GovCERT.nl for creating an amazing event.
Tuesday, September 16, 2008
Handle: Zot IRL: Zot O’Connor Rank: Program Manager 2 Likes: Taking on the enemy with partners, Automating processes, good scotch and bourbon Dislikes: Poor reporting, FUD, miscreants, dangling participles As I am traveling in Europe, about to attend the GOVCERT.NL Symposium 2008, I wanted to explain how we work with Guidance Providers (CERTs and similar groups) and why we consider them one of the most important segments in the ecosystem.
Monday, September 15, 2008
Andrew Cushman back again. BlueHat v8 is October 15th, 16th and 17th on the Microsoft campus in Redmond. The BlueHat team selected content that’s especially interesting and topical for Microsoft engineers and execs. We start it off with an Exec Day on the 15th – condensed versions of the presentations – still deeply technical – just delivered faster and with fewer graphics and demos.
Friday, September 12, 2008
Register now for the September 2008 Security Bulletin Webcast Security Bulletin Webcast Q&A Index Hosts: Christopher Budd, Security Response Communications Lead Adrian Stone, Lead Security Program Manager (MSRC) Website: TechNet/security Chat Topic: September 2008 Security Bulletin Date: Wednesday, September 9, 2008 Q: Are there any issues between Microsoft and Altiris that is delaying the availability of this month’s bulletins?
