In 2020, MSRC awarded two Identity Project Research Grants to support external researchers working to further strengthen the security of identity protocols and systems. Today we […]
Amplification attacks are one of the most common distributed denial of service (DDoS) attack vectors. These attacks are typically categorized as flooding or volumetric attacks, where […]
“Compliance is all about risk management and lessening risk, and the same is true of Zero Trust.” —Abbas Kudrati What’s risk management and why is it […]
Microsoft security researchers recently observed that web skimming campaigns now employ various obfuscation techniques to deliver and hide skimming scripts. It’s a shift from earlier tactics […]
“The bug bounty literally changed my life. Before this, I had nothing.” Coolest thing he purchased: His first vehicle! Best gift to give: Buying his nephew […]
Data is the lifeblood of any organization. Whether you’re a Chief Information Security Officer (CISO) or aspiring to become one, protecting sensitive business data will be […]
This blog post is part of the Microsoft Intelligent Security Association guest blog series. Learn more about MISA. The acceleration of cloud journeys fueled by the […]
The Microsoft Security Response Center is part of the defender community and on the front line of security response for our customers and the company. Our […]
Who is CRSP? The Microsoft Compromise Recovery Security Practice (CRSP) is a worldwide team of cybersecurity experts operating in most countries, across both public and private […]
Summary Microsoft recently mitigated a vulnerability in Azure Data Factory and Azure Synapse pipelines. The vulnerability was specific to the third-party Open Database Connectivity (ODBC) driver […]