Black Hat

The EMET 2.0 Training Video has arrived!

Hey there, I’m pleased to announce that the BlueHat team has partnered with the dynamic Microsoft Security Response Center (MSRC) Engineering duo of Andrew Roths and Fermin J. Serna on a training video previewing the new release, version 2.0, of the Enhanced Mitigation Experience Toolkit (EMET). This training video is currently live on the BlueHat …

The EMET 2.0 Training Video has arrived! Read More »

Coordinated Vulnerability Disclosure: Bringing Balance to the Force

Today on the MSRC blog, Matt Thomlinson, General Manager of Trustworthy Computing Security, announced our new philosophy on Coordinated Vulnerability Disclosure. I wanted to provide some context and history on how this came about. This post is about changing the way we at Microsoft talk about some familiar disclosure concepts, and is meant as an introduction …

Coordinated Vulnerability Disclosure: Bringing Balance to the Force Read More »

Snowpacalypse Now (I love the smell of briefings in the morning)

Handle:Avatar IRL: Karl Hanmore Rank: Senior Security Strategist (aka Sergeant Grunt) Likes: Getting the job done, bringing the fight to the bad guys, good single malt whiskey Dislikes: Cowards, talkers not doers, red tape, humidity Handle:Mando Picker IRL: Dustin Childs Rank: Security Program Manager Likes: Protecting customers, working with security researchers, second Tuesdays, bourbon, mandolins …

Snowpacalypse Now (I love the smell of briefings in the morning) Read More »

Attacking SMS

This year at BlackHat USA in Las Vegas, we presented on the topic of attacking Short Message Service (SMS). Our presentation focused on the different ways in which SMS can be used to compromise mobile security. We’re excited to give an updated version of our talk at the upcoming BlueHat v9 conference later this month, …

Attacking SMS Read More »

Threat Complexity Requires New Levels of Collaboration

When complex security issues that affect multiple vendors arise, calling them “challenging” is an understatement. We created the Microsoft Vulnerability Research Program (MSVR) to meet those challenges, learn from those experiences and strengthen the ties of our community of defenders across the industry in the process. As the state of software security matures beyond straightforward …

Threat Complexity Requires New Levels of Collaboration Read More »

Black Hat USA: Hoping what happens in Vegas doesn’t actually stay in Vegas…

    Handle:Security Blanki IRL: Sarah Blankinship Rank: Senior Security Strategist Lead Likes: Vuln wrangling, teams of rivals, global climate change – the hotter the better Dislikes: Slack jawed gawkers (girls are geeks too!), customers @ risk, egos This week our team is preparing to travel to Black Hat USA in Las Vegas Nevada, a …

Black Hat USA: Hoping what happens in Vegas doesn’t actually stay in Vegas… Read More »

Chills and Thrills at FIRST

Sveika! Hey Steve here, been a while since I posted on the EcoStrat blog. With all the security events that happened during the latter half of 2008, I have been very focused on working with the security update releases and Microsoft Active Protections Program (MAPP). Handle: Cap’n Steve IRL: Steve Adegbite Rank: Senior Security Program …

Chills and Thrills at FIRST Read More »