Microsoft Threat Intelligence Podcast
Join us to hear stories from the Microsoft Threat Intelligence community as they navigate the ever-evolving threat landscape - uncovering APTs, cybercrime gangs, malware, vulnerabilities, and other weird and cool tools and tactics in the world of cyber threats. Featuring tales of innovation, teamwork, and cyber espionage, tune in to hear in-depth analyses of Microsoft's influence on the threat landscape and behind the scenes stories from the tireless researchers and analysts that take part. This enthralling and insightful podcast is delivered in a casual, conversational style that transports you to the frontlines of cyber defense.
Episodes
August 27, 2025 • 43 mins
In this episode of the Microsoft Threat Intelligence Podcast, host Sherrod DeGrippo is live from Black Hat 2025 with a special lineup of Microsoft security leaders and researchers.
First, Sherrod sits down with Tom Gallagher, VP of Engineering and head of the Microsoft Security Response Center (MSRC). Tom shares how his team works with researchers worldwide, why responsible disclosure matters, and how programs like Zero Day Q...
Mark as Played
August 7, 2025 • 77 mins
In this episode of the Microsoft Threat Intelligence Podcast, host Sherrod DeGrippo is joined by Aarti Borkar, Simeon Kakpovi, and Andrew Rapp for a behind-the-scenes look at how Microsoft Threat Intelligence and Microsoft Incident Response teams collaborate as part of a closed-loop system, the emotional toll of breaches, and how organizations of any size can build resilience through preparation and psychological safety. By list...
Mark as Played
July 23, 2025 • 45 mins
In this episode of the Microsoft Threat Intelligence Podcast, host Sherrod DeGrippo is joined by Richard Boscovich and Derek Richardson from Microsoft’s Digital Crimes Unit to unpack the global takedown of Lumma Stealer, one of the world’s largest infostealer malware operations. They discuss how creative legal tools like RICO and centuries-old trespass laws, deep collaboration with global partners, and innovative technical strat...
Mark as Played
July 9, 2025 • 93 mins
In this episode of the Microsoft Threat Intelligence Podcast, host Sherrod DeGrippo is joined by Grifter, the legendary Black Hat NOC lead, and Lintile, host of Hacker Jeopardy, to go behind the scenes of DEF CON and Black Hat. They unpack the chaos of managing the world’s most hostile networks, share advice for first-time attendees, and explore the vibrant hacker community that thrives on connection, contests, and lifelong frie...
Mark as Played
June 25, 2025 • 40 mins
In this episode of the Microsoft Threat Intelligence Podcast, host Sherrod DeGrippo is joined by Craig Nelson, who leads the elite Microsoft Red Team. Together, they dive into the art and impact of red teaming at Microsoft: what it means to simulate real-world attacks, how threat intelligence informs operations, and why collaboration between red and blue teams is crucial for organizational resilience.
Craig shares the surpr...
Mark as Played
June 11, 2025 • 46 mins
Recorded live at RSAC 2025, this special episode of the Microsoft Threat Intelligence Podcast, hosted by Sherrod DeGrippo, brings together Jeremy Dallman from the Microsoft Threat Intelligence and Steven Masada from Microsoft’s Digital Crimes Unit.
The panel explores the psychology and techniques behind nation-state and criminal cyber actors, how Microsoft innovatively uses legal and technical disruption to dismantle threats lik...
Mark as Played
May 28, 2025 • 31 mins
In this episode of the Microsoft Threat Intelligence Podcast, host Sherrod DeGrippo is joined by Henning Rauch, to discuss Call of the Cyber Duty is a 42-hour global cybersecurity challenge hosted by Microsoft’s Kusto Detective Agency. The competition runs from 12:00 AM Coordinated Universal Time (UTC) on June 8, 2025, and ends at 12:00 AM UTC on June 18, 2025, at 10:00AM UTC. Once a team member opens the first case, they have 42 h...
Mark as Played
May 14, 2025 • 40 mins
In this episode of the Microsoft Threat Intelligence Podcast, host Sherrod DeGrippo is joined by security researchers Anna Seitz and Megan Stalling to unpack new intelligence on the BadPilot Campaign, a sophisticated operation by a subgroup of Seashell Blizzard—also known as APT-44, Iridium, or Sandworm.
The team explores how this subgroup, active since 2021, uses opportunistic access, remote management tools, and Tor based Shad...
Mark as Played
April 30, 2025 • 41 mins
In this episode of the Microsoft Threat Intelligence Podcast, host Sherrod DeGrippo is joined by Lauren Proehl, Sydney Marrone, and Jamie Williams to dig into the THOR Collective — a fresh, community-driven initiative bringing modern energy to threat intel.
The group discusses the ongoing tension where developers focus on user-friendly design while security professionals aim to break things to prevent malicious use. They also div...
Mark as Played
April 16, 2025 • 38 mins
In this episode of the Microsoft Threat Intelligence Podcast, host Sherrod DeGrippo is joined by security researchers Anna Seitz and Sarah Pfabe to dive into the activities of the Russian-aligned threat actor, Star Blizzard.
Active since 2022, Star Blizzard recently shifted tactics by using WhatsApp for spear-phishing campaigns targeting government officials, NGOs, and academics. The team discusses how this change in approach may...
Mark as Played
April 2, 2025 • 55 mins
In this special episode marking 50 years of Microsoft, host Sherrod DeGrippo is joined by Charlie Bell, Stephanie Calabrese, John Lambert, and Scott Woodgate to take a deeper look at Microsoft’s incredible journey in cybersecurity.
They share their experiences and reflections on how the company has grown over the last five decades, from the early days of proprietary systems to the transformative rise of cloud computing and AI. As...
Mark as Played
March 19, 2025 • 40 mins
In this episode of the Microsoft Threat Intelligence Podcast, host Sherrod DeGrippo is joined by ransomware experts Allan Liska from Recorded Future and Jonathan Braley, Director of Threat Intelligence for IT-ISAC, to get a pulse check on the current state of ransomware.
They discuss how ransomware has shifted from simple attacks, like Locky, to more sophisticated, high-stakes campaigns targeting entire networks and demanding mi...
Mark as Played
March 6, 2025 • 35 mins
In this episode of the Microsoft Threat Intelligence Podcast, host Sherrod DeGrippo is joined by Senior Microsoft Security Researcher Kajhon Soyini to explore the Luma Stealer cryptocurrency mining campaign targeting individual computers as part of a large-scale malvertising campaign. They discuss the sophisticated attack chain, which includes DLLs, clipboard malware, process injection via Explorer.exe, and how this impacted nearly...
Mark as Played
February 19, 2025 • 23 mins
In this episode of the Microsoft Threat Intelligence Podcast, host Sherrod DeGrippo is joined by two Microsoft security researchers to analyze the latest Russian nation-sponsored cyber threat activity. They discuss how Russian threat actors—collectively referred to by Microsoft with the Blizzard suffix—are primarily targeting Ukraine and NATO member states, focusing on espionage, influence operations, and cyber disruption. The conv...
Mark as Played
February 5, 2025 • 50 mins
In this episode of the Microsoft Threat Intelligence Podcast, host Sherrod DeGrippo is joined by two expert guests to explore critical challenges in today’s evolving threat landscape.
First, Sherrod sits down with Kelly Bissell, CVP of Fraud at Microsoft, to discuss the complexities of combating fraud and product abuse. Kelly digs into the unique challenges Microsoft faces, highlighting prevalent schemes such as crypto mining, te...
Mark as Played
January 22, 2025 • 26 mins
In this episode of the Microsoft Threat Intelligence Podcast, host Sherrod DeGrippo is joined by security researchers Elise Eldridge and Anna Seitz to discuss the most recent notable developments across the threat landscape.
The threat actor, also known as Sandworm or APT44, has also been observed resuming the use of the wrappers WalnutWipe and SharpWipe, and expanded the use of the Prickly Pear malware downloader.
The team hig...
Mark as Played
January 8, 2025 • 28 mins
In this episode of the Microsoft Threat Intelligence Podcast, host Sherrod DeGrippo is joined by security researchers Caitlin Hopkins, Diana Duvieilh, and Anna Seitz to discuss the latest trends in cybersecurity threats.
The team explores OSINT observations around Remote Monitoring and Management (RMM) tools like Screen Connect by nation-state actors and reveals how they are used to deploy malware like AsyncRAT, ransomware, and ...
Mark as Played
December 18, 2024 • 42 mins
In this episode of the Microsoft Threat Intelligence Podcast host Sherrod DeGrippo is joined by Christian Dameff and Jeff Tully, co-directors from the UCSD Center for Healthcare Cybersecurity, and contributors to our recent Healthcare Ransomware report.
They discuss their unique backgrounds as doctors and hackers, focusing on healthcare cybersecurity, and the growing risks of hospital ransomware attacks. Christian shares his jou...
Mark as Played
December 4, 2024 • 43 mins
In this episode of the Microsoft Threat Intelligence Podcast host Sherrod DeGrippo is joined by Microsoft’s Dinesh Natarajan, Senior Threat Hunter, and Thomas Ball, Senior Security Researcher. They unpack recent findings around AsyncRAT, a remote access Trojan (RAT) used for keylogging, data exfiltration, and deploying further malware.
Dinesh explains how attackers are now using screen-sharing tools, like Screen Connect, as par...
Mark as Played
November 20, 2024 • 44 mins
In this episode of the Microsoft Threat Intelligence Podcast host Sherrod DeGrippo is joined by Proofpoint’s Greg Lesnewich and Microsoft’s Greg Schloemer to share the unique threat posed by North Korea’s (DPRK) state-sponsored cyber activities. The Gregs discuss their years of experience tracking North Korean cyber actors and the distinct tactics that set DPRK apart from other nation-sponsored threats. The conversation also explor...
Mark as Played
Popular Podcasts
Season Two Out Now! Law & Order: Criminal Justice System tells the real stories behind the landmark cases that have shaped how the most dangerous and influential criminals in America are prosecuted. In its second season, the series tackles the threat of terrorism in the United States. From the rise of extremist political groups in the 60s to domestic lone wolves in the modern day, we explore how organizations like the FBI and Joint Terrorism Take Force have evolved to fight back against a multitude of terrorist threats.
Current and classic episodes, featuring compelling true-crime mysteries, powerful documentaries and in-depth investigations. Follow now to get the latest episodes of Dateline NBC completely free, or subscribe to Dateline Premium for ad-free listening and exclusive bonus content: DatelinePremium.com
Gregg Rosenthal and a rotating crew of elite NFL Media co-hosts, including Patrick Claybon, Colleen Wolfe, Steve Wyche, Nick Shook and Jourdan Rodrigue of The Athletic get you caught up daily on all the NFL news and analysis you need to be smarter and funnier than your friends.
If you've ever wanted to know about champagne, satanism, the Stonewall Uprising, chaos theory, LSD, El Nino, true crime and Rosa Parks, then look no further. Josh and Chuck have you covered.
The World's Most Dangerous Morning Show, The Breakfast Club, With DJ Envy, Jess Hilarious, And Charlamagne Tha God!