The Microsoft Threat Intelligence Podcast

Join us to hear stories from the Microsoft Threat Intelligence community as they navigate the ever-evolving threat landscape - uncovering APTs, cybercrime gangs, malware, vulnerabilities, and other weird and cool tools and tactics in the world of cyber threats. Featuring tales of innovation, teamwork, and cyber espionage, tune in to hear in-depth analyses of Microsoft's influence on the threat landscape and behind the scenes stories from the tireless researchers and analysts that take part. This enthralling and insightful podcast is delivered in a casual, conversational style that transports you to the frontlines of cyber defense.

Trailer

Recent Episodes

Ep 13 | 2.28.24

Throwing Darts in the Dark With Microsoft Incident Response

On this week's episode of The Microsoft Threat Intelligence Podcast, Sherrod DeGrippo is joined by Stella Aghakian and Holly Burmaster. They explore the intrigue of watching threat actors and their techniques and walk through these techniques and how they are educational and critical in threat intelligence work. They also discuss their experiences at Microsoft Ignite, insights into the cyber threat actor Octo Tempest, and personal reflections on threat intelligence and favorite threat actors. Both Stella and Holly discuss how they thrive on the uncertainty and variety of their work despite the long hours and high pressure but appreciate the supportive team environment that helps them.

Ep 12 | 2.14.24

Iran’s Influence Operations

On this week's episode of The Microsoft Threat Intelligence Podcast, Sherrod DeGrippo is joined by Bryan Prior and Nirit Hinkis from the Microsoft Threat Analysis Center. Sherrod, Bryan, and Nirit discuss Iranian influence operations, distinguishing between influence and information operations. The conversation covers examples of cyber-enabled influence operations, focusing on Iran's actions related to the 2020 U.S. presidential elections and the Israel-Hamas war. The discussion covers tactics Iranian actors use, such as impersonation, recruiting locals, and leveraging email and text messages for amplification. The podcast brings context to the intricacies of Iranian cyber activities, their collaborative efforts, propaganda consumption, creative tactics, and challenges in attribution for influence operations.

Ep 11 | 2.7.24

Mobile Threat Landscape Update

On this week's episode of The Microsoft Threat Intelligence Podcast, Sherrod DeGrippo is joined by Christine Fossaceca, Laurie Kirk, and Apurva Kumar. Today's discussion concerns a recent release from the Chaos Computer Congress, where researchers discovered and analyzed a zero-click attack on iPhones. The attack involves four zero-day vulnerabilities in iOS, requiring a malicious iMessage, a hardware bug, and a Safari exploit. The spyware discovered was specifically targeting security researchers. Sherrod, Christine, Laurie, and Apurva explore the significance of this attack, its implications for mobile security, the concept of zero-click attacks becoming more prevalent on mobile devices, and the importance of researchers being vigilant about their security.

Ep 10 | 1.24.24

North Korea Threat Landscape Update

On this week's episode of The Microsoft Threat Intelligence Podcast, Sherrod DeGrippo is joined by Greg Schloemer and Matthew Kennedy. Sherrod, Greg, and Matthew discuss North Korean cyber operations, highlighting the unique aspects that set North Korea apart, emphasizing North Korea's persistence, adaptability, and the blending of APT and cybercrime elements, mainly focusing on revenue generation through activities like cryptocurrency theft. The discussion touches on the notorious Lazarus group, known for the Sony Pictures attack and WannaCry, and how their actions captured global attention. Sherrod, Greg, and Matthew also share personal insight into why they're drawn to this particular area of cybersecurity, offering listeners a unique perspective on the motivations and passions driving those at the forefront of defending our digital world.

Ep 9 | 1.10.24

Microsoft Ignite Special Edition

On this week's episode of The Microsoft Threat Intelligence Podcast, Sherrod DeGrippo is joined by Jeremy Dallman, Kimberly Ortiz, and Steve Ginty. Sherrod emphasizes the importance of understanding vulnerabilities before they're exploited in the wild and discusses the process of responding to security vulnerabilities, including identifying threat actors and the urgency of patch deployment, especially for vulnerabilities targeted by ransomware groups. The conversation also focuses on Security Copilot, a tool built on Microsoft's extensive threat intelligence, designed to make SOC analysts' work more accessible by providing immediate, relevant information on threats. This episode offers an insider's view on how these professionals track internal incident responses, share crucial intelligence with customers, and continuously evolve their processes to ensure swift, accurate delivery of threat intelligence.

Host(s)

Sherrod DeGrippo, Director of Threat Intelligence Strategy at Microsoft, is a frequently cited threat intelligence expert with a 19-year career leading global threat research and analyst teams. She was named Cybersecurity Woman of the Year in 2022 and Cybersecurity PR Spokesperson of the Year for 2021. Sherrod has provided expert commentary for BBC News, Wall Street Journal, CNN, and New York Times and has presented extensively at conferences including Black Hat, RSA Conference, RMISC, SleuthCon, and others.

Schedule: Bi-Weekly

Credits: Executive Producer is Bruce Bracken, Producer is Rob Petrillo, Production Manager is Max Solomon, and our Audio Engineer (and magician) is none other than The Great Rich Cerbini.

Social Media:

Creator: Microsoft