Microsoft Security Response Center’s Post

Tom Gallagher, VP of Engineering, shares his 25-year Microsoft journey, from SharePoint tester to MSRC leader on The BlueHat Podcast. Tune in and listen to Tom reflect on his cybersecurity journey, learn about a Clippy vulnerability, and get insights on supporting teams with code vulnerabilities: https://msft.it/6013lztMh #BlueHat

We're proud to sponsor the Cybersecurity Woman of the Year (CSWY) Awards Gala on August 5th. Women have been and will continue to be essential to the advancement of technology and cybersecurity. The CSWY Awards celebrate the outstanding female cybersecurity professionals who are making a significant impact through their dedication and expertise. We are proud to announce that Eva Benn, Senior Security Program Manager on the Microsoft Red Team, is a finalist for the “People’s Choice” Award. Show your support for Eva by participating in the voting process: https://lnkd.in/e2GA2fJ8. Voting closes on July 15th. Best of luck to Eva and all the incredible nominees!

CVRF API 3.0 is here! It's faster and more secure. Update your PowerShell module with a few simple commands for an improved experience. Learn more in our blog post: https://lnkd.in/gws23XaH

Security updates for July 2024 are now available. Details are available here: https://msft.it/60119yPTS #PatchTuesday #SecurityUpdateGuide

We have introduced new features to the Report Abuse Portal and API. You can now report suspicious OAuth applications registered in Entra ID and report up to 10 related IPs or URLs in a single incident. These updates will streamline the reporting process and enhance our response to abuse reports. Read more about these improvements in our latest blog post: https://lnkd.in/gfb8EsJ8

𝗘𝘃𝗲𝗻𝘁: MSRC Researcher Celebration 𝗗𝗮𝘁𝗲: August 8, 2024 𝗟𝗼𝗰𝗮𝘁𝗶𝗼𝗻: Top-secret venue in Las Vegas   𝗠𝗶𝘀𝘀𝗶𝗼𝗻 𝗯𝗿𝗶𝗲𝗳𝗶𝗻𝗴: MSRC Researchers are gathering at our invite-only celebration during Black Hat for a fun evening of discussion and celebration. 𝗜𝗻𝗰𝗼𝗺𝗶𝗻𝗴 𝘁𝗿𝗮𝗻𝘀𝗺𝗶𝘀𝘀𝗶𝗼𝗻: Keep an eye on your email for mission details and prepare for an unforgettable night. ✉️✨ #MSFTBlackHat #BHUSA

In our ongoing commitment to transparency, we will now issue CVEs for critical cloud service vulnerabilities, regardless of whether customers need to install a patch or take other actions to protect themselves. Learn more in our blog post: https://msft.it/6044YCjBG

Today, we hosted a Capture the Flag event for Microsoft interns. This team-based competition had interns tackling 42 security challenges across 14 different vulnerability types. Many thanks to Alyssa Estrada from the Microsoft STRIKE team for leading this event. 🏆Top three teams: First Place Team: Adam Hassan Minh Duong Emma Hartman Landon Crabtree Matthew M. Second Place Team: Mauricio Munoz Angel Manuel Tapia Avitia Sofya Malashchenko Daniel Barocio Iván Romero Third Place team: Myles Sloan Angelina Z. Tanay Shah Powall W. Gwendolyn Vongkasemsiri Congratulations to all the Microsoft interns who participated! 👏

Many thanks to all our incredible #BlueHatIndia speakers. In addition to the keynotes we previously highlighted, we want to acknowledge the following speakers for their incredible presentations: John Sherchan, Red Team Security Researcher at CyberWarFare Labs , presented "Assembly.Load: Writing One Byte to Evade AMSI Scan." He discussed bypass techniques and implementation. Vishal Mishra, Senior Security Engineer, Microsoft, presented "The Dusky Shark: TDS Downgrade," covering TDS protocol, exploits, mitigations, and CVE-2024-0056. Dinesh Prakash, Senior Technical Manager at Comcast, presented “xGitGuard: The Sentinels of Secrecy,” discussing xGitGuard and other open-source projects from Comcast SPIDER. Omkar Gudhate, Senior Threat Analyst, Microsoft, and Abhishek Pustakala, Security Researcher II, Microsoft, presented "Scam 2023: The Story Behind How Cybercriminals Are Targeting Indian Android Users," focusing on MITRE ATT&CK TTPs and MDE mitigation. Preksha Saxena and Yashvi Shah, Security Researchers at McAfee, presented “Phishing Landscape Evolution: Unveiling Layers of Email-Initiated Malware Delivery,” discussing phishing email tactics and vulnerabilities. Dmitrijs Trizna, Senior Security Researcher at Microsoft, gave a talk titled: “The Impact of Backdoor Poisoning Vulnerabilities on AI-Based Threat Detectors,” covering AI-based defenses and attacks on AI models. Tarun Gudipati and Ritik Bavdekar, Software Engineers at Microsoft presented “Unveiling Quantum Horizons: Decrypting the Future of Cryptography,” covering present-day cryptography, quantum computing challenges, and Crystals Kyber. Venkatachalabathy SR, Senior Security Research Lead, Microsoft, and Shaleen Dev P.K., Security Researcher II, Microsoft, presented "Adversaries Abuse OAuth Applications with Diverse TTPs to Automate Attacks," focusing on OAuth phishing campaigns and TTPs. Dhruva Goyal, Founder & CEO at BugBase, and Sitaraman S., Founder & CIO at BugBase, presented "Pentest Copilot: Redefining Penetration Testing with LLMs," discussing LLM-based penetration testing and AI safety. Rajesh Kumar Natarajan, Senior Security Researcher, Microsoft, presented “CryptoCurrency Harvest: Unraveling the Progression of Linux Coinminers and Strategic MITRE ATT&CK Alignments," covering cryptomining attacks and detection tactics. Shreya Pohekar Agrawal, Product Security Analyst at HackerOne, presented “Wolf in Sheep’s Code: The Lesser-Known Business Logic Flaws,” discussing business logic bugs and mitigation. Kirtikumar Anandrao Ramchandani, Independent Security Researcher, presented "Hacking WebViews for Fun and Profit," discussing intent-based and Tel URL-based vulnerabilities. Jacob T., Head of Labs at ThinkstCanary, presented “Tracking Illicit Phishermen in the Deep Blue Azure,” discussing deception engineering and a new Canarytoken for Azure phishing detection.