Have you ever thought about a career in threat intelligence or cyber security? Possibly finishing school with a degree in computer programming and feel overwhelmed with what to do next? Don't worry; we've all experienced this. Maybe not specifically with computer programming, but the figuring it out aspect. You could be ending active military service and working in cyber operations, helping offensive and defensive cyberspace operations, wondering about the next step. The thought of making the transition from military to private industry can be exciting but also nerve-racking. The good news is that there are many different roads to travel, and with the experience and education you've obtained, you'll most likely have more options than you could have ever imagined. In this episode of Security Unlocked, host Natalia Godyla is joined by Senior Threat Intelligence Analyst Justin Underwood, an army veteran with the personality and charm to calm your nerves. Currently working for a group known as OPTIC, the Operational Threat Intelligence Center at Microsoft, Justin and Natalia discuss his time at Bank of America and Xbox. He explains how it gave him a better understanding of cybersecurity, how he obtained the title of Human Intelligence Collector, and what helped him transition from the army into the world of threat intelligence and cyber security.
It's finally Friday. You successfully made it through another week and the weekend is so close you can taste it. You pour yourself a bowl of your favorite cereal, but before you can get that first bite your phone rings. It's a random number, but for some reason you're feeling chatty and decide to answer. Unfortunately, it's a robot that somehow knows your name and is asking for your social security number, home address, and password from that first AOL account you made in 1998! It’s easy to recognize classic scams like these, but some of the newer, creative scams can be more challenging to identify. One of these is called BazaCall, and they don’t call you – oh, no. BazaCall will have YOU calling THEM! In this episode of Security Unlocked, host Natalia Godyla is re-joined by Microsoft Threat Analysts Emily Hacker and Justin Carroll to talk about a relatively new delivery method for malware and ransomware called BazaCall campaigns. They discuss the different delivery methods used, how attackers evade detection, and where the attack chain begins.
Picture this: you’re working on a new software that will revolutionize your industry. You’ve got your work cut out for you, from design to programming to integration. But what about security? Keeping your software secure should be in the conversation from day one, but not all developers are well-versed in application security. The good news is that you’re not alone, and even if this picture that we’ve painted isn’t of you, there are still very accessible ways to learn about application security and information security. One of these ways is We Hack Purple, created by a Microsoft alumnus. In this episode of Security Unlocked, hosts Natalia Godyla and Nic Fillingham are joined by the founder of We Hack Purple and former Microsoft Senior Cloud Advocate, Tanya Janca, to discuss her company, trainings, and why it’s so important to keep up with the newest movements in the world of security. Before founding her company, Tanya found herself red-teaming and blue-teaming, and declared herself in the world of Purple. She brings us into that world, breaks down app-sec framework, and even gives a few sci-fi book recommendations.
Electricity is all around us. In fact, you’re using it to read this right now. It powers (no pun intended) our everyday lives, and it works without us having to think about it. It’s kind of like breathing. I mean, you don’t have to tell your lungs “Hey! Start breathing right now!” But just like with breathing, the problems that can follow an interruption of electricity can be deadly. It shouldn’t be shocking (pun intended) that keeping power grids secure is an international priority. In this episode of Security Unlocked, hosts Natalia Godyla and Nic Fillingham are joined by Microsoft’s Chief Security Advisor, Hafid Elabdellaoui, to talk about making our power grids safe and stable. So much relies on the stability of our power grids, it’s easy to forget how dependent we are. Hafid discusses the growing concerns with supply chain attacks and explains the importance of cyber hygiene at all levels of an organization.
8 trillion. It’s kind of a big number, right? That’s how many signals are collected, processed, and analyzed by Microsoft’s security team every single day. Those signals are travelling from the cloud, coming through endpoints, coming through Bing, coming through Xbox. All of these signals are turned into intelligence, and if you’re a cloud user, that intelligence is an asset to your security. By making the leap to the cloud, the power, size, and flexibility of Microsoft’s threat intelligence becomes your resource. In this episode of Security Unlocked, hosts Nic Fillingham and Natalia Godyla are re-joined by Microsoft’s Chief Security Advisor, Sarah Armstrong-Smith, to dive deeper into the back half of her four-part series on Becoming Resilient. We explore different cloud models, the shared responsibility of your cloud service provider, and the growing risks of insider threats.