Wednesday, February 20, 2019
MSRC

February 2019 Security Update Release

Today, we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found on the Security Update Guide.
MSRC

Microsoft’s Cyber Defense Operations Center shares best practices

Today, a single breach, physical or virtual, can cause millions of dollars of damage to an organization and potentially billions in financial losses to the global economy. Each week seems to bring a new disclosure of a cybersecurity breach...
MSRC

Announcing the Microsoft Azure DevOps Bounty program

The Microsoft Security Response Center (MSRC) is pleased to announce the launch of the Azure DevOps Bounty program, a program dedicated to providing rock-solid security for our DevOps customers. Starting January 17, 2019, we’re excited to offer rewards up...
MSRC

January 2019 Security Update Release

Today, we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates.  More information about this month’s security updates can be found on the Security Update Guide.
MSRC

December 2018 Security Update Release

Today, we released a security update for Internet Explorer after receiving a report from Google about a new vulnerability being used in targeted attacks. Customers who have Windows Update enabled and have applied the latest security updates, are protected automatically. We...
MSRC

December 2018 Security Update Release

Today, we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates.  More information about this month’s security updates can be found on the Security Update Guide. 
MSRC

November 2018 Security Update Release

Today, we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates.   More information about this month’s security updates can be found on the Security Update Guide. 
MSRC

Should You Send Your Pen Test Report to the MSRC?

Every day, the Microsoft Security Response Center (MSRC) receives vulnerability reports from security researchers, technology/industry partners, and customers. We want those reports, because they help us make our products and services more secure. High-quality reports that include proof of...
MSRC

October 2018 Security Update Release

Today, we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found in the Security Update Guide. MSRC team
MSRC

Standing behind “MSRC Listens”

Last week at BlueHat’s “MSRC Listens” session, I took the stage with Mechele Gruhn, manager of the Vulnerability Response PM team, to explain how MSRC is changing our communication, workflows, and tooling to deliver an improved user experience for...
MSRC

September 2018 Security Update Release

Today, we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found in the Security Update Guide. MSRC team
MSRC

Inside MSRC: Sharing Our Story & Customer Tips

For the last 20 years, the Microsoft Security Response Center has been an integral part of Microsoft’s commitment to customer security.  We are often called on to talk about the work we do and how customers can apply the...
MSRC

August 2018 Security Update Release

Today, we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates.  More information about this month’s security updates can be found on the Security Update Guide.   MSRC team 
MSRC

Microsoft’s Top 100 Security Researchers – Black Hat 2018 Edition

This morning we are excited to unveil the security researcher leaderboard at the Black Hat Security Conference.  This list recognizes the top security researchers who have contributed research to the Microsoft products and services.  If you are curious on...
MSRC

The Making of the Top 100 Researcher List

At Black Hat USA each year, we unveil the Top 100 Security Researcher list to reflect the amazing engagement we get from the community. During this period, we had several thousand researchers engage with the Microsoft Security Response Center...

Can you really sniff out gas station card skimmers with your phone?

A viral post suggests (wrongly) that card skimmers always use Bluetooth. Anyway, just looking at nearby Bluetooth names doesn't help much...
SecurityWeek

Canada Helping Australia Determine ‘Full Extent’ of Hack

Canada's electronic eavesdropping agency said Wednesday it is working with Canberra to try to determine the scale of computer hacking on Australia's parliament and political parties just months from an election. read more

Researcher: Not Hard for a Hacker to Capsize a Ship at Sea

Maritime transport still contributes in an important way to the world’s economy, with on-time shipments influencing everything from commodities availability and spot pricing to the stability of small countries. Unfortunately, capsizing a ship with a cyberattack is a relatively...
SC Magazine

30 years in: My, how SC and security have changed

1989. Acid wash jeans, Bon Jovi and the compassionate conservatism of the Reagan Era were actually, unironically popular. The Berlin Wall fell, free elections were held in the then Soviet Congress of Deputies, Vaclev Havel became president of Czechoslavakia,...
SecurityWeek

WinPot ATM Malware Resembles a Slot Machine

A piece of malware targeting automated teller machines (ATMs) has an interface that looks like a slot machine, Kaspersky Lab reports.  Dubbed WinPot, the malware was initially detected in March last year, targeting the ATMs of a popular vendor to...