New Research Paper: Pre-hijacking Attacks on Web User Accounts
New Research Paper: Pre-hijacking Attacks on Web User Accounts Read More »
Researcher Spotlight: Hector Peralta’s Evolution from Popcorn Server to the MSRC Leaderboards
Anatomy of a Security Update
Vulnerability mitigated in the third-party Data Connector used in Azure Synapse pipelines and Azure Data Factory (CVE-2022-29972)
Azure Database for PostgreSQL Flexible Server Privilege Escalation and Remote Code Execution
Congratulations and New Swag Awards for the Top MSRC 2022 Q1 Security Researchers!
Congratulations and New Swag Awards for the Top MSRC 2022 Q1 Security Researchers! Read More »
Expanding High Impact Scenario Awards for Microsoft Bug Bounty Programs
Expanding High Impact Scenario Awards for Microsoft Bug Bounty Programs Read More »
Microsoft’s Response to CVE-2022-22965 Spring Framework
Microsoft’s Response to CVE-2022-22965 Spring Framework Read More »
Randomizing the KUSER_SHARED_DATA Structure on Windows
Randomizing the KUSER_SHARED_DATA Structure on Windows Read More »
On-Premises Servers Products are Here! Introducing the Applications and On-Premises Servers Bug Bounty Program
Increasing Representation of Women in Security Research
Increasing Representation of Women in Security Research Read More »
Randomizing the KUSER_SHARED_DATA Structure on Windows
Exploring a New Class of Kernel Exploit Primitive
Exploring a New Class of Kernel Exploit Primitive Read More »
Guidance for CVE-2022-23278 spoofing in Microsoft Defender for Endpoint
Guidance for CVE-2022-23278 spoofing in Microsoft Defender for Endpoint Read More »
Disclosure of Vulnerability in Azure Automation Managed Identity Tokens
Disclosure of Vulnerability in Azure Automation Managed Identity Tokens Read More »
Cyber threat activity in Ukraine: analysis and resources
Cyber threat activity in Ukraine: analysis and resources Read More »
Researcher Spotlight: Cyber Viking Nate Warfield is Here to Help
Researcher Spotlight: Cyber Viking Nate Warfield is Here to Help Read More »