Live from Black Hat: Ransomware, Responsible Disclosure, and the Rise of AI [Microsoft Threat Intelligence Podcast]

Sep 1, 2025

Tom Gallagher, VP of Engineering at Microsoft and head of the Security Response Center, discusses the vital role of responsible disclosure in cybersecurity and reveals an exciting $5 million initiative, the Zero Day Quest. Eric Olson, Principal Security Researcher, dives into the rapidly evolving landscape of ransomware, detailing how attackers now operate with alarming speed and organization. They also explore the growing threat of social engineering and AI-enhanced phishing tactics, emphasizing the necessity of robust cybersecurity measures for defense.

Ask episode

AI Snips

Chapters

Transcript

Episode notes

INSIGHT

Coordinated Disclosure Protects Everyone

MSRC coordinates vulnerability reports with researchers so fixes are in place before public disclosure.
This protects customers while enabling researchers to present findings at conferences like Black Hat.

ANECDOTE

In-Person Hacking At Redmond

Zero Day Quest brought top researchers to Redmond for in-person hacking and immediate triage with product teams.
Engineers and researchers learned from each other in real time and accelerated fixes and understanding.

INSIGHT

AI Speeds Vulnerability Triage

MSRC uses AI to triage incoming vulnerability reports and prioritize critical issues.
Not every submission is critical, so automation helps scale trusted triage.

Get the Snipd Podcast app to discover more snips from this episode

Get the app

While our team is observing the Labor Day holiday in the US, we hope you will enjoy this episode of The Microsoft Threat Intelligence Podcast . New episodes airs on the N2K CyberWIre network every other Wednesday.

In this episode of the Microsoft Threat Intelligence Podcast, host⁠ ⁠⁠Sherrod DeGrippo is live from Black Hat 2025 with a special lineup of Microsoft security leaders and researchers.

First, Sherrod sits down with Tom Gallagher, VP of Engineering and head of the Microsoft Security Response Center (MSRC). Tom shares how his team works with researchers worldwide, why responsible disclosure matters, and how programs like Zero Day Quest (ZDQ) are shaping the future of vulnerability research in cloud and AI security. He also announced the next iteration of ZTQ with $5 million up for grabs.

Next, Sherrod is joined by Eric Baller (Senior Security Researcher) and Eric Olson (Principal Security Researcher) to unpack the fast-changing ransomware landscape. From dwell time collapsing from weeks to minutes, to the growing role of access brokers, they explore how attackers operate as organized ecosystems and how defenders can respond.

Finally, Sherrod welcomes Travis Schack (Principal Security Researcher) alongside Eric Olson to examine the mechanics of social engineering. They discuss how attackers exploit urgency, trust, and human curiosity, why AI is supercharging phishing campaigns, and how defenders can fight back with both training and technology.

In this episode you’ll learn:

How MSRC partners with researchers across 59 countries to protect customers
Why Zero Day Quest is accelerating vulnerability discovery in cloud and AI
How ransomware dwell times have shrunk from days to under an hour

Resources:

Related Microsoft Podcasts:

Discover and follow other Microsoft podcasts at microsoft.com/podcasts

Get the latest threat intelligence insights and guidance at Microsoft Security Insider

The Microsoft Threat Intelligence Podcast is produced by Microsoft and distributed as part of N2K media network.

Learn more about your ad choices. Visit megaphone.fm/adchoices