Microsoft Threat Intelligence Podcast cover art

Microsoft Threat Intelligence Podcast

Microsoft Threat Intelligence Podcast

By: Microsoft
Listen for free

About this listen

 Join us to hear stories from the Microsoft Threat Intelligence community as they navigate the ever-evolving threat landscape - uncovering APTs, cybercrime gangs, malware, vulnerabilities, and other weird and cool tools and tactics in the world of cyber threats. Featuring tales of innovation, teamwork, and cyber espionage, tune in to hear in-depth analyses of Microsoft's influence on the threat landscape and behind the scenes stories from the tireless researchers and analysts that take part. This enthralling and insightful podcast is delivered in a casual, conversational style that transports you to the frontlines of cyber defense.©2023 Microsoft Economics
activate_mytile_page_redirect_t1
Episodes
  • BadPilot: Inside Seashell Blizzard’s (AKA Sandworm) Global Cyber Espionage Campaign

    BadPilot: Inside Seashell Blizzard’s (AKA Sandworm) Global Cyber Espionage Campaign
    May 14 2025
    In this episode of the Microsoft Threat Intelligence Podcast, host Sherrod DeGrippo is joined by security researchers Anna Seitz and Megan Stalling to unpack new intelligence on the BadPilot Campaign, a sophisticated operation by a subgroup of Seashell Blizzard—also known as APT-44, Iridium, or Sandworm. The team explores how this subgroup, active since 2021, uses opportunistic access, remote management tools, and Tor based ShadowLink infrastructure to maintain covert control of compromised systems. They also examine trends across threat actor ecosystems, how tactics evolve through shared influence, and why network detection remains a key battleground in defending against persistent global threats. In this episode you’ll learn: How evolving network detection is helping stop threat actors Why Seashell Blizzard targets industrial control systems When fake Zoom links and meeting invites are used to lure victims into engagement Some questions we ask: Have North Korean hackers improved at social engineering lately? What’s this subgroup’s main goal when it comes to network attacks? Why would a group like this use such basic tactics instead of more advanced ones? Resources: View Megan Stalling on LinkedIn View Anna Seitz on LinkedIn View Sherrod DeGrippo on LinkedIn BadPilot Campaign, Seashell Blizzard How Microsoft Names Threat Actors Related Microsoft Podcasts: Afternoon Cyber Tea with Ann Johnson The BlueHat Podcast Uncovering Hidden Risks Discover and follow other Microsoft podcasts at microsoft.com/podcasts Get the latest threat intelligence insights and guidance at Microsoft Security Insider The Microsoft Threat Intelligence Podcast is produced by Microsoft and distributed as part of N2K media network.
    Show More Show Less
    41 mins
  • Inside THOR Collective, a Dispersed Team Delivering Open-Source Research

    Inside THOR Collective, a Dispersed Team Delivering Open-Source Research
    Apr 30 2025
    In this episode of the Microsoft Threat Intelligence Podcast, host Sherrod DeGrippo is joined by Lauren Proehl, Sydney Marrone, and Jamie Williams to dig into the THOR Collective — a fresh, community-driven initiative bringing modern energy to threat intel. The group discusses the ongoing tension where developers focus on user-friendly design while security professionals aim to break things to prevent malicious use. They also dive into the THOR Collective, a community-driven initiative with open-source projects like Hearth and their twice-weekly Substack newsletter, Dispatch, which combines research, memes, and real-world lessons to uplift the InfoSec community. The conversation touches on the challenges of security, the disconnect between the public and understanding risks, and the need for more user-friendly, AI-driven security solutions that cater to various skill levels. In this episode you’ll learn: The value of consistently publishing high-quality content How the THOR Collective addresses this issue through innovative and digestible content The importance of making complex InfoSec topics approachable for different experience levels Some questions we ask: What’s going on with the rise in toll scam text messages? Why has social engineering remained such a successful tactic for threat actors? How does THOR Collective welcome new voices in InfoSec, and why is this crucial in today’s security landscape? Resources: View Lauren Proehl on LinkedIn View Sydney Marrone on LinkedIn View Jamie Williams on LinkedIn View Sherrod DeGrippo on LinkedIn THOR Collective Related Microsoft Podcasts: Afternoon Cyber Tea with Ann Johnson The BlueHat Podcast Uncovering Hidden Risks Discover and follow other Microsoft podcasts at microsoft.com/podcasts Get the latest threat intelligence insights and guidance at Microsoft Security Insider The Microsoft Threat Intelligence Podcast is produced by Microsoft and distributed as part of N2K media network.
    Show More Show Less
    41 mins
  • Star Blizzard Shifts Tactics to Spear-Phishing on Whatsapp

    Star Blizzard Shifts Tactics to Spear-Phishing on Whatsapp
    Apr 16 2025
    In this episode of the Microsoft Threat Intelligence Podcast, host Sherrod DeGrippo is joined by security researchers Anna Seitz and Sarah Pfabe to dive into the activities of the Russian-aligned threat actor, Star Blizzard. Active since 2022, Star Blizzard recently shifted tactics by using WhatsApp for spear-phishing campaigns targeting government officials, NGOs, and academics. The team discusses how this change in approach may be a response to previous exposure of their tactics. They also explore the resilience of Star Blizzard, highlighting Microsoft's disruption of their operations, including the seizure of domains, and the ongoing threat posed by this actor despite legal actions. In this episode you’ll learn: Why threat actors like Star Blizzard are highly resilient and quickly adapting What steps users take to avoid falling victim to mobile malware Challenges of monitoring WhatsApp activity and why this platform has become a target Some questions we ask: What role do QR codes play in Star Blizzard’s phishing campaigns? Why do you think phishing continues to be the number one access vector? How resilient is Star Blizzard when facing disruptions like domain seizures or legal actions? Resources: View Sarah Pfabe on LinkedIn View Anna Seitz on LinkedIn View Sherrod DeGrippo on LinkedIn Related Microsoft Podcasts: Afternoon Cyber Tea with Ann Johnson The BlueHat Podcast Uncovering Hidden Risks Discover and follow other Microsoft podcasts at microsoft.com/podcasts Get the latest threat intelligence insights and guidance at Microsoft Security Insider The Microsoft Threat Intelligence Podcast is produced by Microsoft and distributed as part of N2K media network.
    Show More Show Less
    39 mins

What listeners say about Microsoft Threat Intelligence Podcast

Average Customer Ratings

Reviews - Please select the tabs below to change the source of reviews.

Audible.com.au reviews

Amazon Reviews
No Reviews are Available
In the spirit of reconciliation, Audible acknowledges the Traditional Custodians of country throughout Australia and their connections to land, sea and community. We pay our respect to their elders past and present and extend that respect to all Aboriginal and Torres Strait Islander peoples today.