Microsoft Threat Intelligence Podcast Podcast Por Microsoft arte de portada

Microsoft Threat Intelligence Podcast

Microsoft Threat Intelligence Podcast

De: Microsoft
Escúchala gratis

Join us to hear stories from the Microsoft Threat Intelligence community as they navigate the ever-evolving threat landscape - uncovering APTs, cybercrime gangs, malware, vulnerabilities, and other weird and cool tools and tactics in the world of cyber threats. Featuring tales of innovation, teamwork, and cyber espionage, tune in to hear in-depth analyses of Microsoft's influence on the threat landscape and behind the scenes stories from the tireless researchers and analysts that take part. This enthralling and insightful podcast is delivered in a casual, conversational style that transports you to the frontlines of cyber defense.©2025 Microsoft Economía
Episodios
  • Whisper Leak: How Threat Actors Can See What You Talk to AI About

    Whisper Leak: How Threat Actors Can See What You Talk to AI About
    Dec 17 2025
    In this episode of the Microsoft Threat Intelligence Podcast, host⁠ ⁠⁠Sherrod DeGrippo is joined by security researchers Geoff McDonald and JBO to discuss Whisper Leak, new research showing that encrypted AI traffic can still unintentionally reveal what a user is asking about through patterns in packet size and timing. They explain how LLM token streaming enables this kind of side-channel attack, why even well-encrypted conversations can be classified for sensitive topics, and what this means for privacy, national-level surveillance risks, and secure product design. The conversation also walks through how the study was conducted, what patterns emerged across different AI models, and the steps developers should take to mitigate these risks. In this episode you’ll learn: Why packet sizes and timing patterns reveal more information than most users realize How user-experience choices like showing streamed text create a larger attack surface The difference between classic timing attacks and the new risks uncovered in Whisper Leak Resources: View JBO on LinkedIn View Geoff McDonald on LinkedIn View Sherrod DeGrippo on LinkedIn Learn more about Whisper Leak Related Microsoft Podcasts: Afternoon Cyber Tea with Ann Johnson The BlueHat Podcast Uncovering Hidden Risks Discover and follow other Microsoft podcasts at microsoft.com/podcasts Get the latest threat intelligence insights and guidance at Microsoft Security Insider The Microsoft Threat Intelligence Podcast is produced by Microsoft, Hangar Studios and distributed as part of N2K media network.
    Más Menos
    48 m
  • The Grid, a Digital Frontier: E-ISAC on Securing the Power Grid

    The Grid, a Digital Frontier: E-ISAC on Securing the Power Grid
    Dec 3 2025
    In this episode of the Microsoft Threat Intelligence Podcast, host⁠ ⁠⁠Sherrod DeGrippo is joined by Matt Duncan, Vice President of Security Operations and Intelligence at the North American Electric Reliability Corporation’s E-ISAC, to explore the cyber threats targeting the North American power grid. Matt breaks down why the grid remains resilient despite increasing pressure from nation-states, cybercriminals, and hacktivists, how AI is lowering the barrier of entry for attackers, and why OT systems and interconnected devices present unique risks. He also highlights real success stories, the value of large-scale grid exercises, and how strong collaboration and a focus on foundational security practices help defenders keep power flowing safely and reliably. In this episode you’ll learn: How severe weather events trigger heightened cyber-readiness across utilities What motivates hacktivist groups and how their tactics differ from other threat actors Why outdated equipment and legacy systems remain such attractive targets Some questions we ask: Are you seeing more educated and capable OT-focused adversaries now? How do you work with policymakers to help them understand these threats? If you could eliminate one misconception about securing the grid, what would it be? Resources: View Matt Duncan on LinkedIn View Sherrod DeGrippo on LinkedIn Learn more about E-ISAC Related Microsoft Podcasts: Afternoon Cyber Tea with Ann Johnson The BlueHat Podcast Uncovering Hidden Risks Discover and follow other Microsoft podcasts at microsoft.com/podcasts Get the latest threat intelligence insights and guidance at Microsoft Security Insider The Microsoft Threat Intelligence Podcast is produced by Microsoft, Hangar Studios and distributed as part of N2K media network.
    Más Menos
    39 m
  • Ahoy! A Tale of Payroll Pirates Who Target Universities

    Ahoy! A Tale of Payroll Pirates Who Target Universities
    Nov 19 2025
    In this episode of the Microsoft Threat Intelligence Podcast, host⁠ ⁠⁠Sherrod DeGrippo is joined by security researchers Tori Murphy and Anna Seitz to unpack two financially motivated cyber threats. First, they explore the Payroll Pirates campaign (Storm 2657), which targets university payroll systems through phishing and MFA theft to reroute direct deposits. Then, they examine Vanilla Tempest, a ransomware group abusing fraudulent Microsoft Teams installers and SEO poisoning to deliver the Oyster Backdoor and Recita ransomware. Together, they discuss how attackers exploit trust in identity, code signing, and SaaS platforms and share practical steps organizations can take to strengthen defenses, from phishing-resistant MFA to stricter executable controls and out-of-band banking verification. In this episode you’ll learn: How Payroll Pirates diverted university salaries through SaaS HR phishing schemes Why universities are prime targets for identity-based cyberattacks How Vanilla Tempest evolved from basic ransomware to complex multi-stage attacks Some questions we ask: How are attackers stealing credentials and paychecks? Why do attackers create inbox rules after compromising accounts? What alerts should organizations monitor for these types of attacks? Resources: View Tori Murphy on LinkedIn View Anna Seitz on LinkedIn View Sherrod DeGrippo on LinkedIn Investigating targeted “payroll pirate” attacks affecting US universities Microsoft Threat Intelligence healthcare ransomware report highlights need for collective industry action Related Microsoft Podcasts: Afternoon Cyber Tea with Ann Johnson The BlueHat Podcast Uncovering Hidden Risks Discover and follow other Microsoft podcasts at microsoft.com/podcasts Get the latest threat intelligence insights and guidance at Microsoft Security Insider The Microsoft Threat Intelligence Podcast is produced by Microsoft and distributed as part of N2K media network.
    Más Menos
    32 m
Todavía no hay opiniones