The funnel for detecting exploits in Microsoft Word has gone from a billion reports a month to a few thousand by narrowing down attacks that occur when a user first opens a document. It is rare for exploits to occur when a user has been in Word for an extended period.
A massive list of actual passwords was released after the fifth largest breach at the time, leading to an increase in password cracking methods and tools among hackers and security professionals.
Eric Lawrence shares how his early internet shenanigans led him to accidentally create a tool for detecting cross-site scripting attacks, and how that ultimately led to a career in web security.
Microsoft's legal team used a clause in the Lanham trademark act to seize counterfeit goods and help with the takedown of CNC servers. The legal argument was that these servers contained spam templates falsely claiming to be from Microsoft and Pfizer, constituting trademark infringement.
Microsoft is developing its technology towards integrating its assistant into all its products, building its usage through stages such as the search feature and allowing conversation from all solutions. Improvements have been seen in auto response, moving towards a time it can automatically schedule a meeting for you.
The hosts discuss the inner workings of a homebrew exploit toolkit and how it can evade detection by antivirus tools. They also explore the potential dangers of such a toolkit in the wrong hands.