We have moved!

To ease navigation and be more in synch with our security colleagues within Microsoft, we have moved to a new blog address: http://blogs.technet.com/mmpc We hope you like the new look. Please remember to redirect any links to our new web address.

1

When SQL Injections Go Awry, Incident Case Study

It seems to be the "in-thing" these days – using an automated tool to perform SQL injections against vulnerable sites across multiple domains. Although the attack method isn’t new, some sites are hit multiple times, as evident by a corruption of the injection code when one attacker overwrite a previously injected record. Below, you can…

4

Oderoor – all it’s Kraked up to be?

Greetings from (sorta) sunny Melbourne, Australia! We’re the newest addition to Microsoft’s Security Research and Response global team. In arbitrary seating order we have: Jakub Kaminski, Scott Molenkamp, Hamish O’Dea, Heather Goudey, Raymond Roberts, David Wood, Chun Feng, Oleg Petrovsky, Hermineh Tchagatzbanian, Hil Gradascevic and Matt McCormack. In the same order we have: Skinny Latte…

1

Microsoft acquires Komoku

Today, Microsoft announced the acquisition of Komoku to add to Forefront and Windows Live OneCare’s technological capabilities.  I would like to take this opportunity to review the year since my “Hello World” blog post and again provide insight on where we will be going.   A year ago, I noted our test results were “not…

2

MBR rootkit: VirTool:WinNT/Sinowal.A report

This week you may have heard or read about a new rootkit that has been reported in the wild that uses the Master Boot Record (MBR) as its Auto-Start Entry Point (ASEP).  The malware is being called VirTool:WinNT/Sinowal.A.  First we want to let you know that if you use any of the Microsoft antivirus technologies…

5