The Microsoft Threat Intelligence Podcast
Trailer
Recent Episodes
Disrupting Cracked Cobalt Strike
On this week's episode of The Microsoft Threat Intelligence Podcast, we discuss the collaborative effort between Microsoft and Fortra to combat the illegal use of cracked Cobalt Strike software, which is commonly employed in ransomware attacks. To break down the situation, our host, Sherrod DeGrippo, is joined by Richard Boscovich, Assistant General Counsel at Microsoft, Jason Lyons, Principal Investigator with the DCU, and Bob Erdman, Associate VP Research and Development at Fortra. The discussion covers the creative use of DMCA notifications tailored by geographic region to combat cybercrime globally. The group express their optimism about applying these successful techniques to other areas, such as phishing kits, and highlight ongoing efforts to make Cobalt Strike harder to abuse.
Behind the Scenes at Blue Hat IL: Security Advancements and Challenges
In this episode of the Microsoft Threat Intelligence Podcast host Sherrod DeGrippo is live from Blue Hat Israel in Tel Aviv. Igal Lytzki and Din Serussi discuss their presentation on advanced phishing and evasion techniques, highlighting the rise of QR phishing and custom-made captures, which involve interactive challenges to bypass security systems. Gal Niv and Jonathan Jacobi discuss their experience with the Web3 challenge they created, focusing on a smart contract vulnerability on the Ethereum blockchain. Ida Vass, the mastermind behind BlueHat IL, talks about the conference’s impact and her motivation, driven by the community's spirit and the desire to continually innovate and Wolf Goerlich the keynote speaker, discusses his approach to the keynote, focusing on positive advancements in cybersecurity rather than dwelling on the negative.
In this episode of the Microsoft Threat Intelligence Podcast host Sherrod DeGrippo is joined by Technical Program Manager at Microsoft Lynn Miyashita and Principal Research Manager, Andrew Paverd. They discuss the evolution of bug bounty programs into the realm of artificial intelligence, specifically focusing on Microsoft's initiative launched in October 2023. Lynn explains that the AI Bug Bounty incentivizes external security researchers to discover and report vulnerabilities in Microsoft's AI systems, such as Copilot, across various platforms including web browsers and mobile applications. Andrew elaborates on the concept of a "bug bar," which sets the criteria for vulnerabilities eligible for the program. They emphasize the importance of identifying security issues that could arise uniquely from AI systems, such as prompt injection vulnerabilities. The discussion highlights Microsoft's structured approach to handling reported vulnerabilities through their Security Response Center, emphasizing quick mitigation and coordination with researchers to ensure timely fixes and public disclosure.
Microsoft Live at the RSA Conference 2024
In this episode of the Microsoft Threat Intelligence Podcast recorded at the RSA Conference in San Francisco, host Sherrod DeGrippo engages with a diverse group of cybersecurity experts. David Weston, VP of Operating System Security at Microsoft, discusses the evolution of Windows security and the role of AI. Jamie Williams from MITRE shares insights on the importance of product functionality in cybersecurity. Emma Stewart, Chief Power Grid Scientist at Idaho National Lab, talks about securing the digital transition of the power grid. Joe Slowik from MITRE emphasizes the importance of threat intelligence and integrating cybercrime entities into their attack framework. Lindsey O'Donnell, executive editor of Decipher, highlights AI's crucial role in cybersecurity and finally, Todd Pauley, deputy CISO of the Texas Education Agency, discusses the challenges faced by small school districts in Texas.
Mark Russinovich Talks Jailbreaks
On this week's episode of The Microsoft Threat Intelligence Podcast, Sherrod DeGrippo is joined by Mark Russinovich. Mark Russinovich, CTO and Technical Fellow of Microsoft Azure, joins the show to talk about his journey from developing on-prem tools like Sysinternals to working in the cloud with Azure. Sherrod and Mark discuss the evolution of cybersecurity, the role of AI in threat intelligence, and the challenge of jailbreaking AI models. Mark shares his experiences with testing AI models for vulnerabilities, including his discovery of the "Crescendo" and "Masterkey" methods to bypass safety protocols. They also touch on the issue of poisoned training data and its impact on AI reliability, while highlighting the importance of staying ahead in cybersecurity.