Microsoft Threat Intelligence Podcast cover art

Microsoft Threat Intelligence Podcast

Microsoft Threat Intelligence Podcast

By: Microsoft
Listen for free

Join us to hear stories from the Microsoft Threat Intelligence community as they navigate the ever-evolving threat landscape - uncovering APTs, cybercrime gangs, malware, vulnerabilities, and other weird and cool tools and tactics in the world of cyber threats. Featuring tales of innovation, teamwork, and cyber espionage, tune in to hear in-depth analyses of Microsoft's influence on the threat landscape and behind the scenes stories from the tireless researchers and analysts that take part. This enthralling and insightful podcast is delivered in a casual, conversational style that transports you to the frontlines of cyber defense.©2025 Microsoft Economics
Episodes
  • Eviltokens: A Conversation with Huntress on an AI‑Enabled Device Code Phishing Campaign

    Eviltokens: A Conversation with Huntress on an AI‑Enabled Device Code Phishing Campaign
    May 20 2026
    In this episode of the Microsoft Threat Intelligence Podcast, host⁠ ⁠⁠Sherrod DeGrippo joins researchers from Huntress to break down the rise of EvilTokens, an AI-powered phishing-as-a-service platform designed to bypass MFA and automate credential theft at scale. Together, they explore how attackers are leveraging legitimate authentication flows, trusted infrastructure, and AI-generated phishing lures to blend malicious activity into normal enterprise traffic. The conversation also examines how modern phishing operations have evolved into highly professionalized cybercrime ecosystems and what defenders must do to adapt their identity security strategies. In this episode you’ll learn: How EvilTokens bypasses MFA using device code phishing Why AI-powered phishing campaigns are harder to detect What makes modern phishing kits highly scalable and automated Some questions we ask: What role does trusted infrastructure play in these attacks? Why are traditional phishing defenses struggling against these tactics? How are modern phishing kits becoming more professionalized? Resources: Watch the LinkedIn live recording Read Huntress’ related research View Lindsay O’Donnell-Welch on LinkedIn View Jamie Levy on LinkedIn View Sherrod DeGrippo on LinkedIn Related Microsoft Podcasts: Security Insider Conversations The BlueHat Podcast Uncovering Hidden Risks Discover and follow other Microsoft podcasts at microsoft.com/podcasts Get the latest threat intelligence insights and guidance at Microsoft Security Insider The Microsoft Threat Intelligence Podcast is produced by Microsoft, Hangar Studios and distributed as part of N2K media network.
    Show More Show Less
    42 mins
  • Russia’s Forest Blizzard Is Abusing Home + Small Office Routers for Cred Theft

    Russia’s Forest Blizzard Is Abusing Home + Small Office Routers for Cred Theft
    May 6 2026
    This week on the Microsoft Threat Intelligence Podcast, host⁠ ⁠⁠Sherrod DeGrippo speaks with Danny Adamitis, Distinguished Engineer at Lumen Technologies’ Black Lotus Labs who break down how the Russian state-linked threat actor Forest Blizzard is exploiting home and small office routers to hijack DNS traffic, enabling large-scale surveillance and targeted credential theft. The conversation highlights how this low-cost approach scales globally, why unmanaged routers have become a critical weak point, and how tactics, from brute force to token theft to DNS hijacking continue to evolve. In this episode you’ll learn: How Forest Blizzard exploits home routers to intercept DNS traffic Why unmanaged routers are a major blind spot in modern security How tactics have evolved from brute force to token-based access Some questions we ask: What defines Forest Blizzard and how they operate? How does this impact machine-to-machine or service account security? What are the broader third-party or downstream risks? Resources: View Danny Adamitis on LinkedIn View Sherrod DeGrippo on LinkedIn Justice Department Conducts Court-Authorized Disruption of DNS Hijacking Network Controlled by a Russian Military Intelligence Unit FrostArmada: All thriller, no (malware) filler Discover and follow other Microsoft podcasts at microsoft.com/podcasts Get the latest threat intelligence insights and guidance at Microsoft Security Insider The Microsoft Threat Intelligence Podcast is produced by Microsoft, Hangar Studios and distributed as part of N2K media network.
    Show More Show Less
    52 mins
  • The Cybercrime Shift: From Opportunistic Attacks to Marketplace-Driven Ecosystem

    The Cybercrime Shift: From Opportunistic Attacks to Marketplace-Driven Ecosystem
    Apr 22 2026
    In this episode of the Microsoft Threat Intelligence Podcast, host⁠ ⁠⁠Sherrod DeGrippo speaks with Maurice Mason and Jackie Burns-Koven to explore how cybercrime has shifted into a highly organized, marketplace-driven ecosystem. They break down the growing convergence between criminal networks and nation-state actors, highlighting how shared tools, infrastructure, and cryptocurrency have blurred traditional boundaries. The conversation dives into the rise of as-a-service cybercrime models, where access, malware, and infrastructure can be easily bought and sold, lowering barriers to entry and increasing attack volume. They also examine how blockchain intelligence is becoming a critical tool for tracking illicit activity, improving attribution, and disrupting operations. In this episode you’ll learn: How cybercrime has evolved into a scalable, marketplace-driven ecosystem Why initial access brokers are lowering the barrier to entry for attackers How proactive disruption and collaboration can reduce ransomware impact and payments Some questions we ask: What role does crypto intelligence play in prevention and detection? Why are threat actors shifting to alternative cryptocurrencies? How can defenders better protect themselves against these threats? Resources: View Maurice Mason on LinkedIn View Jackie Burns-Koven on LinkedIn View Sherrod DeGrippo on LinkedIn Related Microsoft Podcasts: Afternoon Cyber Tea with Ann Johnson The BlueHat Podcast Uncovering Hidden Risks Discover and follow other Microsoft podcasts at microsoft.com/podcasts Get the latest threat intelligence insights and guidance at Microsoft Security Insider The Microsoft Threat Intelligence Podcast is produced by Microsoft, Hangar Studios and distributed as part of N2K media network.
    Show More Show Less
    40 mins
adbl_web_anon_alc_button_suppression_c
No reviews yet