Microsoft continues to investigate the recent nation-state attack on SolarWinds. Herein, the latest threat intelligence, IOCs & guidance across products & solutions to help respond, harden infrastructure & begin recovery. As new info surfaces, we'll update aka.ms/solorigate

Reminder to our customers to deploy the latest security update & follow the published guidance to prepare for the Feb 9, 2021 Security Update that enforces Secure RPC for Netlogon secure channel connections (CVE-2020-1472). For further info, see our blog: msft.it/6010pWZBA

Security Updates for February 2021 are now available!. Details are here: msrc.microsoft.com/update-guide/ Important: Microsoft released Windows Updates for multiple TCP/IP vulnerabilities today. See this blog for more details about these issues: aka.ms/tcpipvulns

Exchange updates release today. Please prioritize patching any publicly exposed Exchange servers exposed to the Internet.

Released clarifying guidance regarding CVE-2021-34527. Customers should check their registry settings in addition to applying the security update.

See more information on the Microsoft OMI CVEs in the MSRC blog post: msrc-blog.microsoft.com/2021/09/16/add…

Hunting for OMI Vulnerability Exploitation with Azure Sentinel - Microsoft Tech Community #MSTIC #AzureSentinel techcommunity.microsoft.com/t5/azure-senti…

What good is DISH if I don’t have NBC and Sunday night football? First Fox, now NBC? I’m seriously reconsidering my service now.

I've been happily learning about machine learning. Impressed how easy it was to get up and running. Took Azure Cognitive Services for a spin. microsoft.com/en-us/ai/ai-sc…

I find watching crazy weather like this akin to watching a fire. It’s a bit mesmerizing and relaxing.

Come and join us!

MSRC has just published a blog post for Microsoft's response to CVE-2021-44228 Apache Log4j 2 msrc-blog.microsoft.com/2021/12/11/mic…

The Microsoft Researcher Recognition Program offers public thanks and recognition to security researchers who help protect our customers by discovering and sharing security vulnerabilities under Coordinated Vulnerability Disclosure. Today, we are excited to recognize this year’s

Microsoft was proud to sponsor the Cybersecurity Woman of the Year Awards 2024. Congratulations to all the winners and nominees, including Eva Benn, Senior Security Program Manager on the Microsoft Red Team, who was a finalist for the “People’s Choice” Award. The CSWY Awards

We’re excited to introduce our #BlueHat lightning session speakers! Ayobami Olatunji (Mayor) from Microsoft will present “SafeChatAI: Enhancing Cybersecurity Awareness Using Artificial Intelligence.” Ayobami is a Security PM in Isolation Platform at Microsoft. He’s

This evening, we kicked off BlueHat with a welcome reception, bringing together our speakers, MSRC MVRs, Microsoft leadership, and the MSRC team. A huge thank you to everyone who joined us and contributed to setting the stage for a successful #BlueHat!

As part of our Secure Future Initiative and to further the security of our customers, ourselves, and the world, today we are introducing the most transparent security research event in history: The Zero Day Quest. This new hacking event will be the largest of its kind, with an

Congratulations to all the researchers recognized in this quarter’s MSRC 2024 Q4 Security Researcher Leaderboard! 🎉Thanks to all the researchers who partnered with us for your hard work and continued dedication to securing our customers. Learn more in our blog post:

Join MSRC and special guest Scott Gorlick, Principal Security Architect at Microsoft, next week for a virtual session on Security Research in Copilot Studio. The Copilot ecosystem allows enterprises to develop Copilot Agents using resources and integrations that span services in

We’re excited to announce the scope of the Microsoft AI Bounty Program has expanded to include new vulnerability types for Critical and Important cases, with awards up to $30,000. New vulnerability types: - Deserialization of Untrusted Data - Injection (Code Injection) -