Microsoft Security Bulletin

/Tag:Microsoft Security Bulletin

Week 16 In Review – 2015

Events Related Test your hacker skills with DEF CON at the 2015 TRIBECA film festival – For the first time ever, the world's biggest underground hacking conference will travel from Las Vegas to NYC for this year's TFF. Resources PCI versions 3.0, 3.1 and your SecureSphere deployment – This blog entry will focus solely on [...]

Week 6 In Review – 2015

Resources OWASP Proactive Controls – This document was written by developers for developers, to assist those new to secure development. It aims to guide developers and other software development professionals down the path of secure web application software development. Anthem-From the Desk of CEO To Members – Anthem was the target of a very sophisticated [...]

Week 47 In Review – 2014

Resources SHack3rcon 5 Videos – Here are the videos from Hack3rcon^5. You can watch and download the videos from here. Let's Play NSA! The Hackers Open-Sourcing Top Secret Spy Tools – Last August, at Defcon, the hacker conference in Las Vegas, engineer and security researcher named Michael Ossmann stood on the stage of a lecture [...]

Week 20 In Review – 2014

Resources Infiltrate 2014 – Here are some additional resources of Zach Cutlip that may have mentioned in his Infiltrate 2014 presentation. BlueHat Security Briefings: Fall 2013 Sessions – The 2013 BlueHat Security Briefings took place on the Microsoft campus in December 2013. Here are the list of talks and discussions. Tools mimikatz 2.0 alpha 20140519 – [...]

Week 7 In Review – 2014

Events Related BruCON 5by5 – WPScan Online Vulnerability Database – For those of you who have been living under a rock, BruCON is a security conference held every year in Belgium (originally Brussels, now Ghent). Last year was the 5th time the conference had been held and so the year before (2012) they setup what [...]

Week 2 In Review – 2014

Events Related Why we have to boycott RSA – The reason isn't that Robert Graham is upset at RSA, or think that they are evil. He thinks RSA was mostly tricked by the NSA instead of consciously making the choice to backdoor their products. Resources Stupid IDN Tricks: Unicode Combining Characters – Safari will display [...]

Week 37 In Review – 2013

Resources Video Tutorial: Introduction to XML External Entity Injection – This video introduces XML injection to achieve XML external entity injection (XXE) and XML based cross site scripting (XSS). Errata Security's blog We scanned the Internet for port 22 – Errata Security scanned the entire Internet for port 22 -- the port reserved for "SSH", [...]

Week 28 in Review – 2013

Event Related ToorCon Seattle 2013 - Weaponizing your coffee pot - As SoC price continue to drop and their implementation continues to rise, connected “appliances" (Internet of Things) will be become an attractive avenue for cyber criminals. Due to the fact they provide no traditional feedback (monitor) or input (mouse/keyboard), If one were able to compromise [...]

Week 37 in Review – 2012

Event Related Man on the SecurityStreet Man on the SecurityStreet - Day 2 Continued. - Dave Kennedy, the founder of TrustedSec, gave an entertaining presentation called Going on the Offensive - Proactive Measures in Security your Company. Just like HD's earlier presentation, we had our staff artist plot out the entire speech, which you [...]

Week 28 in Review – 2012

Event Related S16 Networks: Presentations - The complete list of our presentations is available here. Resources Low Hanging Fruit - I decided to write a Python script to automate this task for me. takes a single Nessus v2 XML file and prints a summary HTML file with all of the low hanging [...]