![](/assets/artwork/1x1-42817eea7ade52607a760cbee00d1495.gif)
24 episodes
![](/assets/artwork/1x1-42817eea7ade52607a760cbee00d1495.gif)
Microsoft Threat Intelligence Podcast Microsoft
-
- Technology
-
-
5.0 • 17 Ratings
-
Join us to hear stories from the Microsoft Threat Intelligence community as they navigate the ever-evolving threat landscape - uncovering APTs, cybercrime gangs, malware, vulnerabilities, and other weird and cool tools and tactics in the world of cyber threats. Featuring tales of innovation, teamwork, and cyber espionage, tune in to hear in-depth analyses of Microsoft's influence on the threat landscape and behind the scenes stories from the tireless researchers and analysts that take part. This enthralling and insightful podcast is delivered in a casual, conversational style that transports you to the frontlines of cyber defense.
-
Hunting for AI Bug Bounty
In this episode of the Microsoft Threat Intelligence Podcast host Sherrod DeGrippo is joined by Technical Program Manager at Microsoft Lynn Miyashita and Principal Research Manager, Andrew Paverd. They discuss the evolution of bug bounty programs into the realm of artificial intelligence, specifically focusing on Microsoft's initiative launched in October 2023. Lynn explains that the AI Bug Bounty incentivizes external security researchers to discover and report vulnerabilities in Microsoft's AI systems, such as Copilot, across various platforms including web browsers and mobile applications. Andrew elaborates on the concept of a "bug bar," which sets the criteria for vulnerabilities eligible for the program. They emphasize the importance of identifying security issues that could arise uniquely from AI systems, such as prompt injection vulnerabilities. The discussion highlights Microsoft's structured approach to handling reported vulnerabilities through their Security Response Center, emphasizing quick mitigation and coordination with researchers to ensure timely fixes and public disclosure.
In this episode you’ll learn:
How AI Bug Bounty programs are reshaping traditional security practices
Dangers of prompt injection attacks, and their capacity to exfiltrate sensitive data
Why you should engage in AI bug hunting and contribute to the evolving security landscape
Some questions we ask:
Which products are currently included in the Bug Bounty program?
Should traditional bug bounty hunters start doing AI bug bounty hunting?
How can someone get started with AI bug hunting and submitting to your program?
Resources:
View Lynn Miyashita on LinkedIn
View Andrew Paverd on LinkedIn
View Sherrod DeGrippo on LinkedIn
Microsoft AI Bug Bounty Program
Related Microsoft Podcasts:
Afternoon Cyber Tea with Ann Johnson
The BlueHat Podcast
Uncovering Hidden Risks
Discover and follow other Microsoft podcasts at microsoft.com/podcasts
Get the latest threat intelligence insights and guidance at Microsoft Security Insider
The Microsoft Threat Intelligence Podcast is produced by Microsoft and distributed as part of N2K media network. -
Microsoft Live at the RSA Conference 2024
In this episode of the Microsoft Threat Intelligence Podcast recorded at the RSA Conference in San Francisco, host Sherrod DeGrippo engages with a diverse group of cybersecurity experts. David Weston, VP of Operating System Security at Microsoft, discusses the evolution of Windows security and the role of AI. Jamie Williams from MITRE shares insights on the importance of product functionality in cybersecurity. Emma Stewart, Chief Power Grid Scientist at Idaho National Lab, talks about securing the digital transition of the power grid. Joe Slowik from MITRE emphasizes the importance of threat intelligence and integrating cybercrime entities into their attack framework. Lindsey O'Donnell, executive editor of Decipher, highlights AI's crucial role in cybersecurity and finally, Todd Pauley, deputy CISO of the Texas Education Agency, discusses the challenges faced by small school districts in Texas.
In this episode you’ll learn:
How Windows security has transitioned from user-controlled to Microsoft-managed
The importance of understanding product functionality to combat cyber threats
Securing the power grid's digital transition and cloud technologies for grid control
Some questions we ask:
What challenges and opportunities arise in securing the power grid's digital transition?
How does AI enhance security in Windows operating systems?
What were some of the most memorable sessions you attended at RSA?
Resources:
View Sherrod DeGrippo on LinkedIn
Related Microsoft Podcasts:
Afternoon Cyber Tea with Ann Johnson
The BlueHat Podcast
Uncovering Hidden Risks
Discover and follow other Microsoft podcasts at microsoft.com/podcasts
Get the latest threat intelligence insights and guidance at Microsoft Security Insider
The Microsoft Threat Intelligence Podcast is produced by Microsoft and distributed as part of N2K media network. -
Mark Russinovich Talks Jailbreaks
On this week's episode of The Microsoft Threat Intelligence Podcast, Sherrod DeGrippo is joined by Mark Russinovich. Mark Russinovich, CTO and Technical Fellow of Microsoft Azure, joins the show to talk about his journey from developing on-prem tools like Sysinternals to working in the cloud with Azure. Sherrod and Mark discuss the evolution of cybersecurity, the role of AI in threat intelligence, and the challenge of jailbreaking AI models. Mark shares his experiences with testing AI models for vulnerabilities, including his discovery of the "Crescendo" and "Masterkey" methods to bypass safety protocols. They also touch on the issue of poisoned training data and its impact on AI reliability, while highlighting the importance of staying ahead in cybersecurity.
In this episode you’ll learn:
The shift from desktop computing to cloud-based systems and its implications
Potential consequences of AI models having overridable safety instructions
How AI training data can manipulate the outcomes generated by AI models
Some questions we ask:
Will AI owners be able to stop data poisoning, or will it become more common?
Can you share challenges and vulnerabilities in maintaining the security of AI systems?
What sparked your interest in AI jailbreaks, and what trends are you seeing?
Resources:
View Mark Russinovich on LinkedIn
View Sherrod DeGrippo on LinkedIn
AI jailbreaks: What they are and how they can be mitigated?
https://www.microsoft.com/en-us/security/blog/2024/06/04/ai-jailbreaks-what-they-are-and-how-they-can-be-mitigated/
Inside AI Security with Mark Russinovich | BRK227
https://www.youtube.com/watch?v=f0MDjS9-dNw
How Microsoft discovers and mitigates evolving attacks against AI guardrails.
https://www.microsoft.com/en-us/security/blog/2024/04/11/how-microsoft-discovers-and-mitigates-evolving-attacks-against-ai-guardrails/
Google AI said to put glue on pizza.
https://www.businessinsider.com/google-ai-glue-pizza-i-tried-it-2024-5
Related Microsoft Podcasts:
Afternoon Cyber Tea with Ann Johnson
The BlueHat Podcast
Uncovering Hidden Risks
Discover and follow other Microsoft podcasts at microsoft.com/podcasts
Get the latest threat intelligence insights and guidance at Microsoft Security Insider
The Microsoft Threat Intelligence Podcast is produced by Microsoft and distributed as part of N2K media network. -
Threat Landscape Update on Grandoreiro and Luna Tempest
On this week's episode of The Microsoft Threat Intelligence Podcast, Sherrod DeGrippo is joined by two of MSTIC’s finest analysts. They discuss recent trends in financially motivated cyber threats observed by Microsoft, focusing particularly on two cases: the Grandoreiro banking Trojan and the Luna Tempest crimeware actor. The Grandoreiro Trojan, active since 2017, has expanded globally beyond its initial Latin American focus, now targeting countries like the U.S. and the UK. This Trojan typically starts with phishing emails to steal financial information. Despite efforts to disrupt this activity, new clusters have emerged. The discussion also covers Luna Tempest, a U.S.- and UK-based extortion group targeting startups and smaller companies, particularly in sectors like insurance, FinTech, and biotech, seeking high payouts by threatening to release sensitive data.
In this episode you’ll learn:
The resilience and adaptability of threat actors in response to global disruption efforts
Why Luna Tempest focuses solely on extortion without deploying ransomware
How the Grandoreiro Banking Trojan has expanded globally
Some questions we ask:
How do we distinguish between the various threat actor groups and their malware?
What can businesses do to protect themselves from identity-based attacks?
Have these cybercriminals perfected an extortion program?
Resources:
View Sherrod DeGrippo on LinkedIn
Related Microsoft Podcasts:
Afternoon Cyber Tea with Ann Johnson
The BlueHat Podcast
Uncovering Hidden Risks
Discover and follow other Microsoft podcasts at microsoft.com/podcasts
Get the latest threat intelligence insights and guidance at Microsoft Security Insider
The Microsoft Threat Intelligence Podcast is produced by Microsoft and distributed as part of N2K media network. -
Andrew Morris and Lauren Proehl on Infosec
On this week's episode of The Microsoft Threat Intelligence Podcast, Sherrod DeGrippo is joined by Andrew Morris, Founder & Chief Architect at GreyNoise and Lauren Proehl, Director of Global Cyber Defense at Marsh McLennan. Lauren Proehl is an experienced cybersecurity leader who has helped defend against threat actors in Fortune 500 networks and has managed multiple divisions focused in defensive security and specializes in innovative cyber defense. GreyNoise operates a huge sensor network across the internet that collects primary sourced data on which vulnerabilities attackers are exploiting, when they start, and from where. Sherrod, Lauren, and Andrew discuss the effectiveness of banning ransomware payments, the importance of focusing on backup and disaster recovery strategies, the necessity of investing in basic security measures like endpoint detection and response, multi-factor authentication, and log storage.
In this episode you’ll learn:
The potential for ransomware attacks on physical infrastructure
Why most are hesitant to become a CISO and the expectations that come with the role
Challenges when try to balance technical expertise with leadership skills
Some questions we ask:
Can government or law enforcement agencies evolve in combating ransomware?
Where do you believe organizations can invest to improve their cybersecurity?
How do you expect ransomware to change with tactics like double or triple extortion?
Resources:
View Lauren Proehl on LinkedIn
View Andrew Morris on LinkedIn
View Sherrod DeGrippo on LinkedIn
Related Microsoft Podcasts:
Afternoon Cyber Tea with Ann Johnson
The BlueHat Podcast
Uncovering Hidden Risks
Discover and follow other Microsoft podcasts at microsoft.com/podcasts
Get the latest threat intelligence insights and guidance at Microsoft Security Insider
The Microsoft Threat Intelligence Podcast is produced by Microsoft and distributed as part of N2K media network. -
Behind the Scenes of the XZ vuln with Andres Freund and Thomas Roccia
On this week's episode of The Microsoft Threat Intelligence Podcast, Sherrod DeGrippo is joined by Thomas Roccia and Andres Freund. Andres stumbled upon a security issue within SSH while investigating performance discrepancies. He discovered a sophisticated backdoor, skillfully concealed within the LZMA library, part of the XZ package. Sherrod, Thomas, and Andres discuss the importance of proactive security measures and code review in the open-source community. They emphasize the critical role of community collaboration in identifying and mitigating security threats effectively and signal the need for heightened vigilance.
In this episode you’ll learn:
The importance of proactive security and code review in the open-source community
Why anomalies in software behavior should prompt curiosity and investigation
Open-source community cooperation is vital for spotting and addressing security risks
Some questions we ask:
Could you explain the security issue you found in SSH and its significance?
How serious is this threat, and what steps can organizations take to defend against it?
What advice do you have for open-source contributors?
Resources:
View Andres Freund on LinkedIn
View Thomas Roccia on LinkedIn
View Sherrod DeGrippo on LinkedIn
Related Microsoft Podcasts:
Afternoon Cyber Tea with Ann Johnson
The BlueHat Podcast
Uncovering Hidden Risks
Discover and follow other Microsoft podcasts at microsoft.com/podcasts
Get the latest threat intelligence insights and guidance at Microsoft Security Insider
The Microsoft Threat Intelligence Podcast is produced by Microsoft and distributed as part of N2K media network.
Customer Reviews
Work together
Let’s work together. Yay!
An inside look with top experts
This podcast is super informative for security pros. Sherrod asks great questions and the guests are knowledgeable and awesome! Great way to keep a pulse on the cybersecurity industry.
THE Podcast for the threat intelligencia
This is where the cool kids are. Wow. Ok.