Microsoft Threat Intelligence Podcast cover art

Microsoft Threat Intelligence Podcast

Microsoft Threat Intelligence Podcast

By: Microsoft
Listen for free

About this listen

 Join us to hear stories from the Microsoft Threat Intelligence community as they navigate the ever-evolving threat landscape - uncovering APTs, cybercrime gangs, malware, vulnerabilities, and other weird and cool tools and tactics in the world of cyber threats. Featuring tales of innovation, teamwork, and cyber espionage, tune in to hear in-depth analyses of Microsoft's influence on the threat landscape and behind the scenes stories from the tireless researchers and analysts that take part. This enthralling and insightful podcast is delivered in a casual, conversational style that transports you to the frontlines of cyber defense.©2025 Microsoft Economics
Episodes
  • Fact vs Hype: How Threat Actors Are Really Using AI Right Now

    Fact vs Hype: How Threat Actors Are Really Using AI Right Now
    Jan 28 2026
    In this episode of the Microsoft Threat Intelligence Podcast, host⁠ ⁠⁠Sherrod DeGrippo is joined by security researcher Crane Hassold and Digital Defense Report lead Chloe Mesdaghi for a grounded, practitioner-led discussion on where artificial intelligence actually stands today. Moving beyond hype and fear-driven narratives, the conversation examines how AI is realistically being used by threat actors, where its impact is often overstated, and why defenders currently stand to gain the most from AI-driven tooling. The episode explores AI’s strengths in detection, triage, and workflow acceleration, the psychology and incentives that shape attacker behavior, and emerging risks such as prompt injection and AI systems becoming direct attack targets. In this episode you’ll learn: Where AI is genuinely being used in real-world cyber operations Why AI systems themselves are becoming attractive targets for attackers How AI is accelerating defensive workflows like detection engineering and threat triage Some questions we ask: What does AI do well right now, and where has it been overpromised? Does AI shift the balance of power toward defenders or attackers? Why are prompt injection and agent manipulation such serious concerns? Resources: View Chloé Messdaghi on LinkedIn View Crane Hassold on LinkedIn View Sherrod DeGrippo on LinkedIn Related Microsoft Podcasts: Afternoon Cyber Tea with Ann Johnson The BlueHat Podcast Uncovering Hidden Risks Discover and follow other Microsoft podcasts at microsoft.com/podcasts Get the latest threat intelligence insights and guidance at Microsoft Security Insider The Microsoft Threat Intelligence Podcast is produced by Microsoft, Hangar Studios and distributed as part of N2K media network.
    Show More Show Less
    42 mins
  • Open SesameOp: Abusing trusted AI platforms to host a C2 server

    Open SesameOp: Abusing trusted AI platforms to host a C2 server
    Jan 14 2026
    To kick off Season 3 of Microsoft Threat Intelligence Podcast, host⁠ ⁠⁠Sherrod DeGrippo is joined by Microsoft security researchers Anna Seitz and Jonathan Checchi. Our guests examine two developments shaping today’s threat landscape: the cloud-native evolution of ransomware group Storm-0501 and the SesameOp backdoor’s abuse of trusted AI platforms for stealthy command-and-control. The discussion highlights how identity, hybrid-cloud pivot points, and federated authentication enable high-impact attacks without traditional malware, and why policy-compliant platform abuse is becoming harder to detect. Sherrod, Anna, and Jonathan provide guidance for defenders around enforcing MFA, tightening conditional access and identity controls, monitoring across cloud and on-prem environments, and partnering with platform providers to disrupt emerging attacker tradecraft. In this episode you’ll learn: What happens when threat actors gain control of highly privileged identities Why monitoring identity behavior is as critical as monitoring endpoints How attacker tactics are adapting to environments that blend cloud and on-prem systems Some questions we ask: What does recent threat activity tell us about where the landscape is headed? How is Storm-0501 using federated authentication in their operations? What should security teams focus on as AI becomes more integrated into systems? Resources: View Anna Seitz on LinkedIn View Sherrod DeGrippo on LinkedIn Related Microsoft Podcasts: Afternoon Cyber Tea with Ann Johnson The BlueHat Podcast Uncovering Hidden Risks Discover and follow other Microsoft podcasts at microsoft.com/podcasts Get the latest threat intelligence insights and guidance at Microsoft Security Insider The Microsoft Threat Intelligence Podcast is produced by Microsoft, Hangar Studios and distributed as part of N2K media network.
    Show More Show Less
    36 mins
  • Whisper Leak: How Threat Actors Can See What You Talk to AI About

    Whisper Leak: How Threat Actors Can See What You Talk to AI About
    Dec 17 2025
    In this episode of the Microsoft Threat Intelligence Podcast, host⁠ ⁠⁠Sherrod DeGrippo is joined by security researchers Geoff McDonald and JBO to discuss Whisper Leak, new research showing that encrypted AI traffic can still unintentionally reveal what a user is asking about through patterns in packet size and timing. They explain how LLM token streaming enables this kind of side-channel attack, why even well-encrypted conversations can be classified for sensitive topics, and what this means for privacy, national-level surveillance risks, and secure product design. The conversation also walks through how the study was conducted, what patterns emerged across different AI models, and the steps developers should take to mitigate these risks. In this episode you’ll learn: Why packet sizes and timing patterns reveal more information than most users realize How user-experience choices like showing streamed text create a larger attack surface The difference between classic timing attacks and the new risks uncovered in Whisper Leak Resources: View JBO on LinkedIn View Geoff McDonald on LinkedIn View Sherrod DeGrippo on LinkedIn Learn more about Whisper Leak Related Microsoft Podcasts: Afternoon Cyber Tea with Ann Johnson The BlueHat Podcast Uncovering Hidden Risks Discover and follow other Microsoft podcasts at microsoft.com/podcasts Get the latest threat intelligence insights and guidance at Microsoft Security Insider The Microsoft Threat Intelligence Podcast is produced by Microsoft, Hangar Studios and distributed as part of N2K media network.
    Show More Show Less
    48 mins
No reviews yet