The Microsoft Malware Protection Center reports of unusual behavior from the Vobfus and Beebone malware families where each malware variant continuously downloads a version of the other.
Browsing Category: Microsoft
Dennis Fisher talks with Ryan Naraine about the new Microsoft bug bounty program, how it may affect prices for vulnerabilities on the private market and why it took the company so long to start the reward program.
The Microsoft bug bounty program has been nearly a decade in the making and it is clear from the shape and size of it that the company did not simply slap the program together in order to join the cool kids. Microsoft’s security team spent years watching the way other programs work, seeing what incentives attract good researchers and looking for a system that made sense for Microsoft’s specific goals.
After years of saying that the company didn’t need a bug bounty program, Microsoft is starting one. The company today will announce the start of a new program that will pay security researchers up to $100,000 for serious vulnerabilities and as much as $50,000 for new defensive techniques that help protect against those flaws.
Despite a rating of “Important,” a Microsoft Office 2003 zero-day vulnerability and patch deserve a close look from enterprise IT administrators.
Autorun malware used to be kind of a big deal around here. Worms that jump directly from removable media such as USB drives as soon as they are connected to a PC can cause some major trouble, spreading quickly through a network. Microsoft made a change to newer versions of Windows that disables the autorun[...]
Microsoft and Adobe released their monthly security updates and patches. Microsoft also announced enhancements to its certificate-handling infrastructure.
Calling it the company’s “most aggressive” botnet operation operation to date, Microsoft provided details early Wednesday evening regarding a massive disruption of the Citadel botnet.
REDMOND, Wash.–If one were to draw up a list of the most challenging jobs in the technology industry, chief privacy officer at Microsoft likely would be pretty near the top of it. For a company with the size and scope of Microsoft, the volume of potential privacy issues is nearly endless, and if someone is calling you for help, something has probably gone wrong.
The Microsoft Digital Crimes Unit has been spearheading botnet takedowns and other anti-cybercrime operations for many years, and it has had remarkable success. But the cybercrime problem isn’t going away anytime soon, so the DCU is in the process of building a new cybercrime center here, and soon will roll out a new threat intelligence service to help ISPs and CERT teams get better data about ongoing attacks.