Microsoft Threat Intelligence Podcast cover image

Microsoft Threat Intelligence Podcast

Latest episodes

undefined
Nov 1, 2023 • 46min

Octo Tempest Threat Actor Profile

The podcast discusses the activities and tactics of a threat actor called Octo Tempest, such as SIM swapping, SMS phishing, and living off the land. It highlights their bespoke and persistent nature, as well as the importance of separating high-privileged accounts. Other topics include assuming compromised passwords, testing security controls, and the need for help desk protocol.
undefined
Oct 25, 2023 • 36min

China Threat Landscape: Meet the Typhoon

Graham Dietz, Microsoft Senior Security Researcher, joins Sherrod DeGrippo to discuss China's cyber activities, including patriotic hackers thriving in the underground, China's economic strategies related to cyber operations, and the complexity of Chinese cyber activities. They also explore China as an Advanced Persistent Threat, their loud presence, and targeting of vulnerable organizations.
undefined
Oct 11, 2023 • 49min

Exploring Mobile Threats

On this week's episode of The Microsoft Threat Intelligence Podcast, Sherrod DeGrippo is joined by Christine Fossaceca. Christine is a senior mobile security researcher at Microsoft, specializing in iOS and mobile exploit development. Christine and Sherrod discuss mobile device security and privacy concerns, mainly focusing on Apple AirTags and similar tracking devices, concentrating on the potential for misuse of these devices for shady purposes, the challenges of tracking and detecting them, and steps individuals can take to protect themselves if they suspect they are being tracked. They also examine the evolving landscape of mobile security and offer practical advice for safeguarding personal information and privacy in increasingly interconnected devices.      In this episode you’ll learn:         How attackers gain access to banking apps and iCloud accounts  The privacy implications of Bluetooth trackers  Why the landscape of mobile security is constantly evolving    Some questions we ask:      What's a mobile zero day?  How can I and people listening protect themselves on their iPhones?   What common technique do fishers use to make URLs appear legitimate?   Resources:  Follow Christine on Twitter @x71n3 & @herhaxpodcast  View Sherrod DeGrippo on LinkedIn  Related Microsoft Podcasts:                   Afternoon Cyber Tea with Ann Johnson The BlueHat Podcast Uncovering Hidden Risks          Discover and follow other Microsoft podcasts at microsoft.com/podcasts Get the latest threat intelligence insights and guidance at Microsoft Security InsiderThe Microsoft Threat Intelligence Podcast is produced by Microsoft and distributed as part of The CyberWire Network.  
undefined
Oct 11, 2023 • 43min

Incident Response with Empathy

On this week's episode of The Microsoft Threat Intelligence Podcast, Sherrod DeGrippo is joined by Matthew Zorich, a Principal Consultant with Microsoft Incident Response. Sherrod and Matt discuss his motivation for creating accessible and open-source forensics tools and resources for entry-level forensics, aiming to guide those without extensive resources. They also examine the importance of helping smaller businesses and individuals understand and practice incident response and forensics, considering the potentially devastating impact of cyberattacks on them. Matt also emphasizes the importance of knowledge sharing and practical experimentation in incident response and identity forensics to help individuals and organizations better defend against cyber threats.    In this episode you’ll learn:       The challenges of identity-based forensics  Tactics threat actors use to compromise accounts without raising suspicion  The importance of distinguishing personal and work identities when assessing threats    Some questions we ask:      Why is it important to distinguish personal and work email from a threat perspective?  How do you protect essential accounts in a large organization?  Would you consider text messages as a reliable method to enhance security?    Resources:  View Matthew Zorich on LinkedIn  View Sherrod DeGrippo on LinkedIn    Related Microsoft Podcasts:                   Afternoon Cyber Tea with Ann Johnson The BlueHat Podcast Uncovering Hidden Risks          Discover and follow other Microsoft podcasts at microsoft.com/podcasts Get the latest threat intelligence insights and guidance at Microsoft Security InsiderThe Microsoft Threat Intelligence Podcast is produced by Microsoft and distributed as part of The CyberWire Network.  
undefined
Oct 11, 2023 • 42min

Peach Sandstorm

On this week's episode of The Microsoft Threat Intelligence Podcast, Sherrod DeGrippo is joined by Threat Intelligence Analyst Simeon Kakpovi, Intelligence Analyst Lauren Podber, and Senior Hunt Analyst Emiel Haeghebaert. In this episode, Sherrod and guests explore the evolving nature of the Iranian APT group known as "Peach Sandstorm." They discuss how they mature over time while providing valuable insights into APT actors and their evolving strategies. They discuss techniques such as password spraying and the next steps attackers take to establish persistence within the victim's environment. Sherrod also highlights Iran's unique approach to cyber operations, where they exhibit creativity and perseverance in achieving their objectives, even when they may only sometimes be the most technically sophisticated group among nation-state actors.     In this episode you’ll learn:       The contrast between APT actors and cybercriminals  How organizations can protect themselves against password spray attacks  The importance for defenders to understand the motivations and tactics of APT actors    Some questions we ask:      What is the difference between a brute force attack and a password spray attack?  How does Iran's cyber capabilities compare to those of other countries?  What are some key differences between Iran and APT actors like Russia and China?   Resources:  How Microsoft Names Threat Actors  Peach Sandstorm View Simeon Kakpovi on LinkedIn  View Lauren Podber on LinkedIn View Emiel Haeghebaert on LinkedIn View Sherrod DeGrippo on LinkedIn  Peach Sandstorm Ingredients: - 1 ripe peach, peeled and pitted - 1 1/2 oz Arak (a traditional Middle Eastern aniseed-flavored spirit) - 1 oz fresh lemon juice - 1 oz rose water - 1/2 oz simple syrup - A pinch of saffron strands (soaked in 1 tablespoon of warm water for 10 minutes) - Crushed ice - Fresh mint leaves for garnish - Edible rose petals for garnish Instructions: 1. In a blender, combine the peach, Arak, lemon juice, rose water, simple syrup, saffron water, and a good amount of crushed ice. 2. Blend until smooth and frosty. 3. Pour into a chilled glass. 4. Garnish with fresh mint leaves and edible rose petals.   Related Microsoft Podcasts:                   Afternoon Cyber Tea with Ann Johnson The BlueHat Podcast Uncovering Hidden Risks    Security Unlocked     Security Unlocked: CISO Series with Bret Arsenault Secure the Job: Breaking into Security       Discover and follow other Microsoft podcasts at microsoft.com/podcasts Get the latest threat intelligence insights and guidance at Microsoft Security InsiderThe Microsoft Threat Intelligence Podcast is produced by Microsoft and distributed as part of The CyberWire Network.  
undefined
Oct 5, 2023 • 2min

The Microsoft Threat Intelligence Podcast - Trailer

Join us to hear stories from the Microsoft Threat Intelligence community as they navigate the ever-evolving threat landscape - uncovering APTs, cybercrime gangs, malware, vulnerabilities, and other weird and cool tools and tactics in the world of cyber threats. Featuring tales of innovation, teamwork, and cyber espionage, tune in to hear in-depth analyses of Microsoft's influence on the threat landscape and behind-the-scenes stories from the tireless researchers and analysts that take part. This enthralling and insightful podcast is delivered in a casual, conversational style that transports you to the frontlines of cyber defense. Related Microsoft Podcasts:                   Afternoon Cyber Tea with Ann Johnson The BlueHat Podcast Uncovering Hidden Risks    Security Unlocked     Security Unlocked: CISO Series with Bret Arsenault Secure the Job: Breaking into Security       Discover and follow other Microsoft podcasts at microsoft.com/podcasts Get the latest threat intelligence insights and guidance at Microsoft Security InsiderThe Microsoft Threat Intelligence Podcast is produced by Microsoft and distributed as part of The CyberWire Network.  

Get the Snipd
podcast app

Unlock the knowledge in podcasts with the podcast player of the future.
App store bannerPlay store banner

AI-powered
podcast player

Listen to all your favourite podcasts with AI-powered features

Discover
highlights

Listen to the best highlights from the podcasts you love and dive into the full episode

Save any
moment

Hear something you like? Tap your headphones to save it with AI-generated key takeaways

Share
& Export

Send highlights to Twitter, WhatsApp or export them to Notion, Readwise & more

AI-powered
podcast player

Listen to all your favourite podcasts with AI-powered features

Discover
highlights

Listen to the best highlights from the podcasts you love and dive into the full episode