• Microsoft Threat Intelligence Podcast

  • By: Microsoft
  • Podcast

Microsoft Threat Intelligence Podcast

By: Microsoft
  • Summary

  • Join us to hear stories from the Microsoft Threat Intelligence community as they navigate the ever-evolving threat landscape - uncovering APTs, cybercrime gangs, malware, vulnerabilities, and other weird and cool tools and tactics in the world of cyber threats. Featuring tales of innovation, teamwork, and cyber espionage, tune in to hear in-depth analyses of Microsoft's influence on the threat landscape and behind the scenes stories from the tireless researchers and analysts that take part. This enthralling and insightful podcast is delivered in a casual, conversational style that transports you to the frontlines of cyber defense.
    ©2023 Microsoft
    Show More Show Less
Episodes
  • Seashell Blizzard Ramping Up Operations and OSINT Trends of DPRK Threat Actors
    Jan 22 2025
    In this episode of the Microsoft Threat Intelligence Podcast, host Sherrod DeGrippo is joined by security researchers Elise Eldridge and Anna Seitz to discuss the most recent notable developments across the threat landscape. The threat actor, also known as Sandworm or APT44, has also been observed resuming the use of the wrappers WalnutWipe and SharpWipe, and expanded the use of the Prickly Pear malware downloader. The team highlights the geopolitical implications of these attacks, particularly in the context of Russia's influence on energy and global events. Sherrod also touches on the history of wipers in cyber operations and transitions to a discussion with Elise about trends in North Korean cyber activity, emphasizing Microsoft's ongoing efforts to analyze and mitigate these threats. In this episode you’ll learn: Why recent attacks have targeted the European energy sector How Seashell Blizzard’s attacks in 2024 involved spear-phishing campaigns Why North Korean hackers infiltrate companies through remote IT job programs Some questions we ask: How has Seashell Blizzard returned to using wipers, and what might explain this shift? After sending out crafted spear-phishing emails, what happens next in the attack chain? How might global geopolitics impact Seashell Blizzard's campaigns? Resources: View Elise Eldridge LinkedIn View Anna Seitz on LinkedIn View Sherrod DeGrippo on LinkedIn Related Microsoft Podcasts: Afternoon Cyber Tea with Ann Johnson The BlueHat Podcast Uncovering Hidden Risks Discover and follow other Microsoft podcasts at microsoft.com/podcasts Get the latest threat intelligence insights and guidance at Microsoft Security Insider The Microsoft Threat Intelligence Podcast is produced by Microsoft and distributed as part of N2K media network.
    Show More Show Less
    26 mins
  • Threat Landscape Update: North Korean IT Workers, OSINT, and Remote Monitoring and Management Abuse
    Jan 8 2025
    In this episode of the Microsoft Threat Intelligence Podcast, host Sherrod DeGrippo is joined by security researchers Caitlin Hopkins, Diana Duvieilh, and Anna Seitz to discuss the latest trends in cybersecurity threats. The team explores OSINT observations around Remote Monitoring and Management (RMM) tools like Screen Connect by nation-state actors and reveals how they are used to deploy malware like AsyncRAT, ransomware, and execute phishing scams. They also uncover alarming tactics, such as North Korean IT workers posing as legitimate coders to infiltrate organizations, who steal cryptocurrency and use it to fund their regime. Since 2017 they have contributed to the theft of more than $3 billion. In this episode you’ll learn: The role of tech support scam websites in tricking victims into allowing remote access How cybercriminal and nation-state actors are increasingly exploiting remote monitoring Why the financial services sector is a major target for cyberattacks Some questions we ask: What is Screen Connect, and why is it attractive to threat actors? How long have RMM tools been used in C2 frameworks? Why are remote management tools being used in command-and-control systems? Resources: View Caitlin Hopkins on LinkedIn View Diana Duvieilh on LinkedIn View Anna Seitz on LinkedIn View Sherrod DeGrippo on LinkedIn Related Microsoft Podcasts: Afternoon Cyber Tea with Ann Johnson The BlueHat Podcast Uncovering Hidden Risks Discover and follow other Microsoft podcasts at microsoft.com/podcasts Get the latest threat intelligence insights and guidance at Microsoft Security Insider The Microsoft Threat Intelligence Podcast is produced by Microsoft and distributed as part of N2K media network.
    Show More Show Less
    28 mins
  • Doctors’ Perspective: The Rise of Healthcare Ransomware
    Dec 18 2024
    In this episode of the Microsoft Threat Intelligence Podcast host Sherrod DeGrippo is joined by Christian Dameff and Jeff Tully, co-directors from the UCSD Center for Healthcare Cybersecurity, and contributors to our recent Healthcare Ransomware report. They discuss their unique backgrounds as doctors and hackers, focusing on healthcare cybersecurity, and the growing risks of hospital ransomware attacks. Christian shares his journey from hacking as a teenager to combining his passion for medicine and cybersecurity, particularly the risks posed to patient safety by vulnerable medical devices. Jeff adds his perspective, highlighting the parallels between medicine and hacking, and their efforts at UCSD to bring evidence-based research to healthcare cybersecurity. The conversation explores the challenges and importance of protecting critical healthcare systems from cyber threats, aiming to improve patient safety and outcomes. In this episode you’ll learn: How medical device vulnerabilities reveal the impact of cybersecurity on patient care The lack of comprehensive data on healthcare ransomware attacks When ransomware-induced disruptions can delay life-saving procedures Some questions we ask: As healthcare providers, what stands out to you about ransomware in healthcare? What does the UCSD Center for Healthcare Cybersecurity do? What ransomware attacks are common in healthcare, and how do they differ from other industries? Resources: View Jeff Tully on LinkedIn View Christian Dameff on LinkedIn View Sherrod DeGrippo on LinkedIn Healthcare Ransomware Report Related Microsoft Podcasts: Afternoon Cyber Tea with Ann Johnson The BlueHat Podcast Uncovering Hidden Risks Discover and follow other Microsoft podcasts at microsoft.com/podcasts Get the latest threat intelligence insights and guidance at Microsoft Security Insider The Microsoft Threat Intelligence Podcast is produced by Microsoft and distributed as part of N2K media network.
    Show More Show Less
    43 mins

What listeners say about Microsoft Threat Intelligence Podcast

Average customer ratings

Reviews - Please select the tabs below to change the source of reviews.