Sans News Feed
- Geolocation and Starlink, (Tue, Jan 21st) January 21, 2025: Until now, satellite internet access has been more of a niche solution for internet access. But with the wide availability of Starlink, this is changing. Starlink's performance and price are competitive for many rural users to forgo solutions like cellular or slower DSL speeds if they are available at all.
- ISC Stormcast For Tuesday, January 21st, 2025 https://isc.sans.edu/podcastdetail/9288, (Tue, Jan 21st) January 21, 2025
- Partial ZIP File Downloads, (Mon, Jan 20th) January 20, 2025: Say you want a file that is inside a huge online ZIP file (several gigabytes large). Downloading the complete ZIP file would take too long.
- ISC Stormcast For Monday, January 20th, 2025 https://isc.sans.edu/podcastdetail/9286, (Mon, Jan 20th) January 20, 2025
- Zero Trust and Entra ID Conditional Access, (Sun, Jan 19th) January 19, 2025: Microsoft Entra ID (Formerly Azure AD) Conditional Access (CA) policies are the key components to a Zero Trust strategy, as it provides the ability to function as the front door for users and devices. CA policies use attributes, or signals, of various components as variables to be used to enforce specific access controls. Attributes include […]
- New tool: immutable.py, (Sat, Jan 18th) January 18, 2025: When performing triage on a Linux system you suspect might be compromised, there are many aspects of the system that you may want to look at. In SANS FOR577, we talk about some existing tools and even writing your own bash script to collect triage data. In a case I worked a year or so […]
- Leveraging Honeypot Data for Offensive Security Operations [Guest Diary], (Fri, Jan 17th) January 17, 2025: [This is a Guest Diary by Alex Sanders, an ISC intern as part of the SANS.edu BACS program]
- ISC Stormcast For Friday, January 17th, 2025 https://isc.sans.edu/podcastdetail/9284, (Fri, Jan 17th) January 17, 2025
- Extracting Practical Observations from Impractical Datasets, (Thu, Jan 16th) January 16, 2025: [This is a Guest Diary by Curtis Dibble, an ISC intern as part of the SANS.edu BACS [1] program]
- The Curious Case of a 12-Year-Old Netgear Router Vulnerability, (Wed, Jan 15th) January 15, 2025: Routers play an essential role in networking and are one of the key components that allow users to have internet connectivity. Vulnerabilities in routers could result in reduced speeds or the possibility of vulnerable equipment being compromised and turned into part of a botnet. While looking at the DShield weblogs, I noticed an interesting URL […]
Microsoft Security Feed
- Scaling Dynamic Application Security Testing (DAST) January 21, 2025: Introduction: Microsoft engineering teams use the […]
- Congratulations to the Top MSRC 2024 Q4 Security Researchers! January 15, 2025: Congratulations to all the researchers recognized in this quarter’s Microsoft Researcher Recognition Program leaderboard! Thank you to everyone for your hard work and continued partnership to secure customers. The top three researchers of the 2024 Q4 Security Researcher Leaderboard are Suresh, VictorV, wkai! Check out the full list of researchers recognized this quarter here.
- Mitigating NTLM Relay Attacks by Default December 9, 2024: Introduction: In February 2024, we released an update to Exchange Server which contained a security improvement referenced by CVE-2024-21410 that enabled Extended Protection for Authentication (EPA) by default for new and existing installs of Exchange 2019. While we’re currently unaware of any active threat campaigns involving NTLM relaying attacks against Exchange, we have observed threat […]
- Announcing the Adaptive Prompt Injection Challenge (LLMail-Inject) December 6, 2024: We are excited to introduce LLMail-Inject, a new challenge focused on evaluating state-of-the-art prompt injection defenses in a realistic simulated LLM-integrated email client. In this challenge, participants assume the role of an attacker who sends an email to a user. The user then queries the LLMail service with a question (e.
- Securing AI and Cloud with the Zero Day Quest November 19, 2024: Our security teams work around the clock to help protect every person and organization on the planet from security threats. We also know that security is a team sport, and that’s why we also partner with the global security community through our bug bounty programs to proactively identify and mitigate potential issues before our customers […]
- Toward greater transparency: Publishing machine-readable CSAF files November 12, 2024: Welcome to the third installment in our series on transparency at the Microsoft Security Response Center (MSRC). In this ongoing discussion, we talk about our commitment to providing comprehensive vulnerability information to our customers. At MSRC, our mission is to protect our customers, communities, and Microsoft, from current and emerging threats to security and privacy.
- Congratulations to the Top MSRC 2024 Q3 Security Researchers! October 23, 2024: Congratulations to all the researchers recognized in this quarter’s Microsoft Researcher Recognition Program leaderboard! Thank you to everyone for your hard work and continued partnership to secure customers. The top three researchers of the 2024 Q3 Security Researcher Leaderboard are wkai, VictorV, and Zhihua Wen! Check out the full list of researchers recognized this quarter […]
- Announcing the BlueHat 2024 Sessions October 22, 2024: 34 sessions from 54 presenters representing 20 organizations! We are thrilled to reveal the lineup of speakers and presentations for the 23rd BlueHat Security Conference, in Redmond WA from Oct 29-30. This year’s conference continues the BlueHat ethos and Secure Future Initiative mission of “Security Above All Else”. Security researchers and responders from inside and outside […]
- Announcing BlueHat 2024: Call for Papers now open August 7, 2024: The 23rd edition of Microsoft’s BlueHat security conference will be hosted by the Microsoft Security Response Center (MSRC) at the Redmond, WA corporate campus, October 29 and 30, 2024. BlueHat brings together security researchers and responders from both inside and outside of Microsoft, who come together as peers to exchange ideas, experiences, and best practices, all […]
- Congratulations to the MSRC 2024 Most Valuable Security Researchers! August 6, 2024: The Microsoft Researcher Recognition Program offers public thanks and recognition to security researchers who help protect our customers through discovering and sharing security vulnerabilities under Coordinated Vulnerability Disclosure. Today, we are excited to recognize this year’s 100 Most Valuable Researchers (MVRs), based on the total number of points earned for each valid report.
Cyber Security Alerts
- CISA Calls For Action to Close the Software Understanding Gap January 16, 2025 CISA
- CISA Publishes Microsoft Expanded Cloud Log Implementation Playbook January 15, 2025 CISA
- CISA, JCDC, Government and Industry Partners Publish AI Cybersecurity Collaboration Playbook January 14, 2025 CISA
- CISA Releases New Sector Specific Goals for IT and Product Design January 7, 2025 CISA
- CISA Update on Treasury Breach January 6, 2025 CISA
- CISA Directs Federal Agencies to Secure Cloud Environments December 17, 2024 CISA
- CISA and ONCD Publish Guide to Strengthen Cybersecurity of Grant-Funded Infrastructure Projects December 17, 2024 CISA
- CISA Publishes Draft National Cyber Incident Response Plan for Public Comment December 16, 2024 CISA
- 2024 Year in Review Highlights CISA’s Achievements in Reducing Risk and Building Resilience in Cybersecurity and Critical Infrastructure Security December 16, 2024 CISA
- CISA, NSA, FBI and International Partners Publish Guide for Protecting Communications Infrastructure December 3, 2024 CISA