Channel: Microsoft BlueHat Blog
Browsing all 31 articles

Visualizing Software Security

Working to find bugs in the software security industry is much like prospecting for natural resources. An engineer takes a high level view of an unknown piece of territory to determine the lay of the...


Concurrency Attacks in Web Applications

Hello, This is Scott Stender and Alex Vidergar from iSEC Partners, and our topic for BlueHat is Concurrency Attacks in Web Applications.  Database administrators, computer architects, and operating...


State of the Union

I spent a lot of time trying to think about what to write for a BlueHat pre-conference blog entry and had a pretty hard time focusing on one topic. To handle this, I decided to comment on the state of...


Good Things Come in Blue Packages

Hello everyone, Celene Temkin here from the MSRC Ecosystem Strategy Team. BlueHat v8: C3P0wned ended a month ago and the success of the con lives on in the outstanding training and networking done...


Learning by our mistakes

Mike Andrews here. With a very broad brush, the vulnerabilities we see can be split into two categories -- flaws and bugs. Flaws are inherent problems with the design of a system/application – Dan...


Gone is the era of yes/no questions

It used to be easy to be in the security industry. All you had to do is develop products that needed to say “nay” or “yay” on a given content and “bless” it to be secure or not. That is so 2007… As we...


!exploitable Crash Analyzer Now Available

At BlueHat v8 in October 2008, Dave Weinstein, Jason Shirk and Lars Opstad presented the topic of when it’s okay to stop fuzzing (Fuzzed Enough? When It’s OK to Put the Shears Down). As part of that...


Token Kidnapping finally patched!

Here I am again writing on MS BlueHat blog, this time about Token Kidnapping. The first time I talked about Token kidnapping was a long time ago and now after a year the issues detailed in the...


Dune Busting and Browser Fun at HITB – Dubai

Hi, Billy Rios here, I was recently invited to speak at Hack in the Box (HITB) in Dubai. While at HITB, I participated in two different talks, but I’m going to focus on the talk Chris Evans and I...


Getting a business degree as part of Security Research?

What a great time to start thinking of travel – the weather is fairing up, June is here, and fortunately for me, I have a chance to take the driver seat again at another BlueHat conference! This time...


Stainless steel bridge

Hi! Manuel Caballero here. I had the pleasure of penetration testing (pen-testing) the previous versions of Microsoft Silverlight, and now, for the last three weeks, I’ve been playing around with the...


Securing our Legacy

Hi, this is Scott Stender from iSEC Partners. I recently had the privilege of speaking at Microsoft's BlueHat event in Brussels on the topic of securing legacy systems. With all of the recent coverage...


Black Hat USA Spotlight: ATL Killbit Bypass

There are only a few days left before Black Hat USA, and we, like most other speakers, are in the midst of the last-minute push to have all the materials finalized in time for our presentation. Our...


Can we secure cloud computing? Can we afford not to?

There have been many disruptive innovations in the history of modern computing, each of them in some way impacting how we create, interact with, deliver, and consume information. The platforms and...


Collaborating on RIA Security

Microsoft and Adobe frequently work together on security. At this year's BlueHat, we will come together to share our security research in the area of Rich Internet Applications (RIAs). While we...


Babel Hacking

Hello world!  Remember Mad Libs?  How about Scrabble, when you'd try making up words that sound legit just to be de-bluffed by your friend.  Playing these games provides endless hours of fun with words...


Attacking SMS

This year at BlackHat USA in Las Vegas, we presented on the topic of attacking Short Message Service (SMS). Our presentation focused on the different ways in which SMS can be used to compromise mobile...


The lighter side of the cloud

Billy Rios here. I’m giving a talk this week along with Nate McFeters entitled, “Sharing the Cloud with Your Enemy.” It’s a fun, realistic talk on security in the cloud. Why cloud computing? Cloud...


Know thy Enemy

I recently attended BlueHat for the second time and spoke about the SMS vulnerabilities Collin Mulliner and I discovered and exploited this summer. BlueHat is an interesting speaking venue because the...


BlueHat v9 brings the looking glass to you

Celene here from the MSRC Ecosystem Strategy Team. BlueHat v9: Through The Looking Glass ended just over a month ago and the success of the con lives on due to the outstanding training and networking...
