Security Research

Announcing BlueHat v9: Through the Looking Glass

Handle:C-Lizzle IRL: Celene Temkin Rank: Program Manager 2 & BlueHat Project Manager Likes: Culinary warfare, BlueHat hackers and responsible disclosure Dislikes: Acts of hubris, MySpace, orange mocha Frappaccinos!  BlueHat v9 will take place from October 21 to 23 at the Microsoft campus in Redmond. Last year, we experimented with a day dedicated to attacks and …

Announcing BlueHat v9: Through the Looking Glass Read More »

Threat Complexity Requires New Levels of Collaboration

When complex security issues that affect multiple vendors arise, calling them “challenging” is an understatement. We created the Microsoft Vulnerability Research Program (MSVR) to meet those challenges, learn from those experiences and strengthen the ties of our community of defenders across the industry in the process. As the state of software security matures beyond straightforward …

Threat Complexity Requires New Levels of Collaboration Read More »

Stainless steel bridge

Hi! Manuel Caballero here. I had the pleasure of penetration testing (pen-testing) the previous versions of Microsoft Silverlight, and now, for the last three weeks, I’ve been playing around with the beta version of Silverlight 3. When I say, “the pleasure”, I really mean it. Playing with Silverlight means to play with a plug-in that, …

Stainless steel bridge Read More »

Announcing the BlueHat Security Forum: EU Edition

Handle:C-Lizzle IRL: Celene Temkin Rank: Program Manager 2 & BlueHat Project Manager Likes: Culinary warfare, BlueHat hackers and responsible disclosure Dislikes: Acts of hubris, MySpace, orange mocha Frappaccinos! Hey folks! I know this is typically the time of year when birds are chirping, the rain is supposed to be letting up, and those of you …

Announcing the BlueHat Security Forum: EU Edition Read More »

Learning by our mistakes

Mike Andrews here. With a very broad brush, the vulnerabilities we see can be split into two categories — flaws and bugs. Flaws are inherent problems with the design of a system/application – Dan Kaminskys’ DNS vulnerability would be a good example. Bugs, on the other hand, are issues with the implementation of the software, …

Learning by our mistakes Read More »