Threat Intelligence Feeds – A place to control time
Source: https://msrc-blog.microsoft.com/blog/2021/01/top-msrc-2020-q4-security-researchers-congratulations/ We’re excited to announce the top contributing researchers for the 2020 Fourth Quarter (Q4)! Congratulations to all of the researchers who made this quarter’s leaderboard and a huge thank you … Read more
Microsoft today released updates to plug more than 80 security holes in its Windows operating systems and other software, including one that is actively being exploited and another which was disclosed prior … Read more
Source: https://msrc-blog.microsoft.com/blog/2021/01/security-update-guide-supports-cves-assigned-by-industry-partners/ Hi Folks, This month we are introducing a new data element for each CVE in the Security Update Guide, called Assigning CNA. First let me back up a bit and … Read more
Summary: RSA SecurID announces the upcoming end-of-sale for the RSA SecurID (SID800) Hardware Authenticator. The last day to order this hybrid hardware authenticator is June 30, 2021. Details: You can receive support … Read more
Summary: RSA announces the release of the RSA Authentication Agent 2.0.4 for Microsoft AD FS. The cumulative AD FS Agent 2.0.4 release (available here) includes software updates to resolve customer issues. You can … Read more
Source: https://msrc-blog.microsoft.com/blog/2020/12/microsoft-internal-solorigate-investigation-update/ As we said in our recent blog, we believe the Solorigate incident is an opportunity to work together in important ways, to share information, strengthen defenses and respond to attacks. … Read more
Source: https://msrc-blog.microsoft.com/blog/2020/12/december-21st-2020-solorigate-resource-center/ ** UPDATE: ** Microsoft continues to work with partners and customers to expand our knowledge of the threat actor behind the nation-state cyberattacks that compromised the supply chain of SolarWinds … Read more
Summary: RSA announces RSA Authentication Manager 8.5 Patch 1 Security Update 1. Security Update 1 (available here) updates Authentication Manager components to prevent potential security vulnerabilities. This cumulative update includes
Summary: RSA announces the release of the RSA SecurID Authentication Agent 8.1.2 for PAM. This release adds the following new features: Ability to configure case-sensitivity for user names when determining challenge … Read more
Summary: RSA SecurID Software Token 2.5.0 for iOS includes the following updates: Bug fixes. Qualified for iOS 14.0. New minimum supported version is iOS 11. For additional documentation, downloads and more, visit … Read more
Source: https://msrc-blog.microsoft.com/blog/2020/12/customer-guidance-on-recent-nation-state-cyber-attacks/ Note: we are updating as the investigation continues. Revision history listed at the bottom. This post contains technical details about the methods of the actor we believe was involved in … Read more
Source: https://msrc-blog.microsoft.com/blog/2020/12/security-update-guide-lets-keep-the-conversation-going/ Hi Folks, We want to continue to highlight changes we’ve made to our Security Update Guide. We have received a lot of feedback, much of which has been very positive. … Read more
Source: https://msrc-blog.microsoft.com/blog/2020/12/20201203_sugv2_howto/ 新しいバージョンのセキュリティ更新プログラムについては下記の関連ブログもご覧ください。 「新しいセキュ
Summary: In the coming months, RSA will improve security by enforcing the use of Transport Layer Security (TLS) 1.2 or greater encryption for all communication from clients (including identity routers, RSA Authentication … Read more
Summary: RSA SecurID Authenticate 3.7 App for Android contains: A QR code scan icon on a new tab that is convenient for adding user accounts after device registration. Miscellaneous bug fixes For … Read more
Source: https://msrc-blog.microsoft.com/blog/2020/11/20201120_cve-2020-17049/ マイクロソフトは、2020 年 11 月 10 日 (米国時間) に、Kerberos KDC (Key Distribution Center) に対する脆弱性情報 CVE-2020-17049 を公
Source: https://msrc-blog.microsoft.com/blog/2020/11/vulnerability-descriptions-in-the-new-version-of-the-security-update-guide/ With the launch of the new version of the Security Update Guide, Microsoft is demonstrating its commitment to industry standards by describing the vulnerabilities with the Common Vulnerability Scoring System … Read more
Source: https://msrc-blog.microsoft.com/blog/2020/10/attacks-exploiting-netlogon-vulnerability-cve-2020-1472/ Microsoft has received a small number of reports from customers and others about continued activity exploiting a vulnerability affecting the Netlogon protocol (CVE-2020-1472) which was previously addressed in security updates … Read more
Source: https://msrc-blog.microsoft.com/blog/2020/10/announcing-the-top-msrc-2020-q3-security-researchers/ Following the MSRC’s 2020 Most Valuable Security Researchers announced during this year’s Black Hat, we’re excited to announce the top contributing researchers for the 2020 Third Quarter (Q3)! The top … Read more
Source: https://msrc-blog.microsoft.com/blog/2020/10/security-analysis-of-cheri-isa/ Is it possible to get to a state where memory safety issues would be deterministically mitigated? Our quest to mitigate memory corruption vulnerabilities led us to examine CHERI (Capability Hardware … Read more