Microsoft Security Center Center News

Subscribe to Microsoft Security Center Center News feed
Recent content on Microsoft Security Response Center
Updated: 26 min 40 sec ago

Toward greater transparency: Adopting the CWE standard for Microsoft CVEs

Mon, 04/08/2024 - 07:00
At the Microsoft Security Response Center (MSRC), our mission is to protect our customers, communities, and Microsoft from current and emerging threats to security and privacy. One way we achieve this is by determining the root cause of security vulnerabilities in Microsoft products and services. We use this information to identify vulnerability trends and provide this data to our Product Engineering teams to enable them to systematically understand and eradicate security risks.
Categories: Microsoft

Embracing innovation: Derrick’s transition from banking to Microsoft’s Threat Intelligence team

Tue, 04/02/2024 - 07:00
Meet Derrick, a Senior Program Manager on the Operational Threat Intelligence team at Microsoft. Derrick’s role involves understanding and roadmapping the complete set of tools that Threat Intel analysts use to collect, analyze, process, and disseminate threat intelligence across Microsoft. Derrick’s love of learning and his natural curiosity led him to a career in technology and ultimately, to his current role at Microsoft.
Categories: Microsoft

Update on Microsoft Actions Following Attack by Nation State Actor Midnight Blizzard

Fri, 03/08/2024 - 08:00
This blog provides an update on the nation-state attack that was detected by the Microsoft Security Team on January 12, 2024. As we shared, on January 19, the security team detected this attack on our corporate email systems and immediately activated our response process. The Microsoft Threat Intelligence investigation identified the threat actor as Midnight Blizzard, the Russian state-sponsored actor also known as NOBELIUM.
Categories: Microsoft

Faye’s Journey: From Security PM to Diversity Advocate at Microsoft

Thu, 02/29/2024 - 08:00
Faye, a veteran at Microsoft for 22 years, has had a career as varied as it is long. Her journey began in 2002 as the first desktop security Project Manager (PM) in Microsoft IT. From there, she transitioned into owning a deployment team that deployed to desktops and handled operations for Office’s first few customers.
Categories: Microsoft

Microsoft boosts its Microsoft 365 Insider Builds on Windows Bounty Program with higher awards and an expanded scope

Tue, 02/27/2024 - 08:00
Starting today, we are doubling the maximum bounty award for the Microsoft 365 Insider Bug Bounty Program to $30,000 USD for high impact scenarios, such as unauthenticated non-sandboxed code execution with no user interaction. We are also expanding the scope of our bounty program to include more vulnerability types and products.
Categories: Microsoft

From Indiana Jones to Cybersecurity: The Inspiring Journey of Devin

Mon, 02/26/2024 - 08:00
As a young boy, Devin found himself captivated by the adventures of Indiana Jones, the whip-wielding archaeologist from the VHS movies his grandfather showed him. The thrill of unearthing history and the allure of the unknown ignited a spark in Devin, leading him to dream of becoming an archaeologist. However, as he grew older and learned more about the realities of archaeology, he realized that his passion lay elsewhere.
Categories: Microsoft

An Obsession With Impact: The Inspiring Journey of a Dreamer That Led to a Career at Microsoft

Tue, 02/20/2024 - 08:00
Bruce’s story unfolds in Cincinnati, Ohio. As a young boy, he had an ambitious dream of one day becoming the President of the United States. This aspiration remained his guiding star until he began his professional career after college. His mother, amused by his
Categories: Microsoft

New Security Advisory Tab Added to the Microsoft Security Update Guide

Thu, 02/15/2024 - 08:00
Today, we are adding a new Security Advisory tab to the Security Update Guide to meet our customers’ needs for a unified and authoritative source for the latest public information about Microsoft security updates and issues. We are continuously listening to feedback from users of the Security Update Guide. Our goal is to find new and improved ways to help customers manage security risks and keep their systems protected.
Categories: Microsoft

Congratulations to the Top MSRC 2023 Q4 Security Researchers!

Tue, 01/30/2024 - 08:00
Congratulations to all the researchers recognized in this quarter’s Microsoft Researcher Recognition Program leaderboard! Thank you to everyone for your hard work and continued partnership to secure customers. The top three researchers of the 2023 Q4 Security Researcher Leaderboard are Yuki Chen, Wei, VictorV! Check out the full list of researchers recognized this quarter here.
Categories: Microsoft

Microsoft Actions Following Attack by Nation State Actor Midnight Blizzard

Fri, 01/19/2024 - 08:00
The Microsoft security team detected a nation-state attack on our corporate systems on January 12, 2024, and immediately activated our response process to investigate, disrupt malicious activity, mitigate the attack, and deny the threat actor further access. Microsoft has identified the threat actor as Midnight Blizzard, the Russian state-sponsored actor also known as Nobelium.
Categories: Microsoft

BlueHat India Call for Papers is Now Open!

Mon, 01/08/2024 - 08:00
You asked for it and it’s finally here! The inaugural BlueHat India conference will be held April 18-19, 2024, in Hyderabad, India! This intimate conference will bring together a unique blend of security researchers and responders, who come together as peers to exchange ideas, experiences, and learnings in the interest of creating a safer and more secure world for all.
Categories: Microsoft