Security Unlocked

Microsoft

Security Unlocked explores the technology and people powering Microsoft's Security solutions. In each episode, Microsoft Security evangelists Nic Fillingham and Natalia Godyla take a closer look at the latest innovations in threat intelligence, security research, and data science, with a special focus on demystifying artificial intelligence and machine learning. Be sure to listen in and follow us!

Hosted on Acast. See acast.com/privacy for more information.


Episodes

Cryptojacking, and Farewell for Now!
Feb 16 2022
The success of crypto inspired dozens of other cryptocurrencies like Ethereum, Tether, and Dogecoin. Today, people worldwide use cryptocurrencies to buy things, sell things, and make investments. One thing is certain; digital currencies are here to stay, no matter how many times you have to explain what a bitcoin is. Unfortunately, it also created the world of cryptojacking, a form of cybercrime that remains completely hidden from the target and can infect millions of computers with cryptojacking malware. Which brings us to the fundamental question: What can organizations do to protect themselves?

In this episode of Security Unlocked, hosts Natalia Godyla and Nic Fillingham are joined by Microsoft senior software engineer Amitrajit Banerjee and senior staff architect at Intel Rahul Ghosh to discuss the history and prevalence of cryptojacking. The push behind a cryptojacking attack is almost always motivated by money. Mining cryptocurrencies can be very lucrative, but making a profit is challenging unless you cover high costs. They discuss the importance of understanding the actual concept of mining, how victims' CPU power and computing resources can be used, and why it isn't easy in general to detect crypto miners.

In This Episode You Will Learn:
How prevalent is cryptojacking and who should be worried
When and how people are exposed to these new types of threats
Why you should be familiar with cryptojacking

Some Questions We Ask:
How are victims' CPU power and computing resources used to mine cryptocurrencies?
What created this environment where cryptojacking is possible?
What are some general techniques when trying to identify cryptojacking?

Resources:
The increasing threat of cryptocurrency miners
Defending against cryptojacking
Guidance for preventing, detecting, and hunting for exploitation
View Amitrajit Banerjee on LinkedIn
View Rahul Ghosh on LinkedIn
View Nic on LinkedIn
View Natalia on LinkedIn

Related:
Listen to: Security Unlocked: CISO Series with Bret Arsenault
Listen to: Afternoon Cyber Tea with Ann Johnson

Discover and follow other Microsoft podcasts at microsoft.com/podcasts
Security Unlocked is produced by Microsoft and distributed as part of The CyberWire Network.

A look at Cybercrime in 2021
Feb 2 2022
Ransomware attacks have never been so successful. The returns from these attacks are soaring, and the attacks are only becoming easier to conduct. In chapter two of the Microsoft Digital Defense Report, the growing threat of cybercrime is covered in great detail. As we continue to go over the MDDR, it's more apparent than ever that the cybercrime economy and services it provides are stronger and more complex than ever. Cryptocurrency, malware, and adversarial machine learning are just a few of the topics we believe need to be covered in more detail.

In this episode of Security Unlocked, hosts Natalia Godyla and Nic Fillingham are joined by Jason Lyons, principal investigator in the digital crimes unit at Microsoft. Jason is an experienced investigator specializing in computer investigations. He is trained and experienced in hacker methodology/techniques, computer forensics, and incident response. Jason joined the show to discuss chapter two of the Microsoft Digital Defense Report, which focuses on the state of cybercrime. He also speaks on how cryptocurrency has created new challenges in ransomware, why ransomware continues to grow, and recent trends we are currently seeing in malware.

In This Episode You Will Learn:
How to decide whether to pay the ransom or not
New ways for security teams to protect against malware
Why we are seeing a rise in cybercrime due to cryptocurrency

Some Questions We Ask:
What's new in the way the cybercrime economy operates?
Why is ransomware still such a big thing and maybe even getting bigger?
What trends are we seeing with malware right now?

Resources:
Microsoft Digital Defense Report
View Jason Lyons on LinkedIn
View Nic on LinkedIn
View Natalia on LinkedIn

What’s a BISO?
Jan 19 2022
Everything is exciting and new when you're a kid, and curiosity inspires many of us to branch out and try new things. For some, that means drawing from our imagination or trying all kinds of sports. And for others it means spending days at the library, checking out books on modem communications, and eventually hacking into the local dial-up community service. That's just a random example, of course... Either way, curiosity can be a powerful tool, even at a young age. To the point that it may help kickstart a career you didn't even know existed.

In this episode of Security Unlocked, host Natalia Godyla is joined by S&P Global Ratings BISO Alyssa Miller. Alyssa is a life-long hacker and highly experienced security executive. She runs the security strategy for S&P Global Ratings as the Business Information Security Officer (BISO), bringing together corporate security objectives and business objectives. Natalia and Alyssa discuss her journey in security from a young and curious hacker to a BISO of the largest credit-rating agency, and how she is shaping what the role of the BISO will be for future generations.

In This Episode You Will Learn:
What are the roles and responsibilities of a BISO
How a BISO should interact with the rest of the organization
How to put yourself on track to become a BISO

Some Questions We Ask:
What are the gaps that the BISO function is trying to address?
What other roles should exist in security, but don’t?
How will the BISO role evolve over time?

Resources:
View Alyssa Miller on LinkedIn
View Nic on LinkedIn
View Natalia on LinkedIn

Disinformation in the Enterprise
Jan 5 2022
Disinformation refers to the calculated use of false information to influence others and has been a steadily growing form of information warfare. Unfortunately, disinformation is everywhere these days, often hidden in plain sight. Criminals will also adapt and take advantage of technologies, such as AI and deepfakes, to increase the effectiveness of disinformation campaigns. Of course, there are ways to combat these types of attacks, and we cover recommendations for protecting the enterprise in the 2021 Microsoft Digital Defense Report (MDDR).

In this episode of Security Unlocked, hosts Natalia Godyla and Nic Fillingham are joined by the Director of Enterprise Continuity and Resilience at Microsoft, Irfan Mirza, who authored the chapter on disinformation in the enterprise in the 2021 MDDR. Irfan joins to discuss what disinformation is, why the use of disinformation is growing, how cognitive hacking occurs, and how cybersecurity can start thinking about adapting their strategies.

In This Episode You Will Learn:
How to identify disinformation campaigns
How to train users and protect your organization from disinformation
Why we need AI to defend against disinformation

Some Questions We Ask:
What is the difference between misinformation and disinformation?
How does disinformation impact cybersecurity?
What new skills do cybersecurity professionals need to be able to protect the enterprise from this new threat?

Resources:
Microsoft Digital Defense Report 2021
View Irfan Mirza on LinkedIn
View Nic on LinkedIn
View Natalia on LinkedIn

I am Shroot-less
Dec 22 2021
Microsoft works around the clock to protect their customers, no matter what product they’re using, Microsoft or otherwise. In some instances Microsoft teams up with other companies, creating an all-star cybersecurity team, to handle newly discovered vulnerabilities. It helps everyone stay more secure, and of course, that's the ultimate goal, right?

In this episode of Security Unlocked, hosts Natalia Godyla and Nic Fillingham are re-joined by Jonathan Bar Or, Principal Security Researcher at Microsoft. Jonathan discusses the recently discovered vulnerability that could let attackers bypass System Integrity Protection (SIP) in macOS, why he believes in investing in cross-platform protection, and the importance of collaboration between security researchers, software vendors, and the larger security community.

In This Episode You Will Learn:
What is System Integrity Protection (SIP)
How attackers can bypass SIP
How attackers can use the Shrootless vulnerability

Some Questions We Ask:
How did you find the Shrootless vulnerability?
How do you decide what products to assess?
How does the process of submitting a vulnerability to Apple work?

Resources:
Microsoft finds new macOS vulnerability - Shrootless
View Jonathan Bar Or on LinkedIn
View Nic on LinkedIn
View Natalia on LinkedIn

Trusting Your Hybrid Workforce
Nov 24 2021
We are back, covering more of the 2021 Microsoft Digital Defense Report, and this time we’re taking a deep dive into chapter five on Hybrid Workforce Security and Zero Trust. Zero Trust means precisely what it sounds like, never assuming any device or identity is secure; it's like having major trust issues, but in a professional way. With most businesses moving to remote work because of the pandemic, cybercriminals, of course, found new ways to take advantage, especially since most people are now moving between business and personal activity online. For the first time, we’re going to cover a full 12-month recap of what securing the hybrid workforce has been like.

In this episode of Security Unlocked, hosts Natalia Godyla and Nic Fillingham are joined by Carmichael Patton, Lead Architect for Microsoft's Internal Zero Trust Deployment. Carmichael joins the show to discuss security challenges and trends impacting the hybrid workforce, the three most significant insider risk vulnerabilities, and why some customers are still not using MFA.

In This Episode You Will Learn:
Security challenges and trends impacting the hybrid workforce
How Microsoft approached their Zero Trust journey
Prioritizing security initiatives during a time of massive change

Some Questions We Ask:
What were some of the major hybrid workforce attacks?
Why are some customers still not using MFA?
When and how should you deal with insider risk?

Resources:
Zero Trust Adoption Report
The 2021 Microsoft Digital Defense Report
View Carmichael Patton on LinkedIn
View Nic on LinkedIn
View Natalia on LinkedIn

When Privacy Meets Security
Nov 10 2021
The way most people operate online these days, what would you even consider private anymore? We are so quick to share details about our job, home, friends, and family without even thinking about how much personal info we're giving away. Privacy and user agreements are a part of almost everyone's life at this point, and what do you know about them? For the most part, we often see a user agreement pop up, click agree and move on, but do you know what you just agreed to? Privacy choices have become routine, though they shouldn’t be.

In this episode of Security Unlocked, hosts Natalia Godyla and Nic Fillingham are joined by Privacy Counsel and Data Protection Officer at Asana, Whitney Merrill. She is an accomplished attorney with 7+ years of privacy, data security, and data governance experience. Whitney discusses how to avoid common privacy mistakes, current privacy attack trends, and the importance of thinking like an attacker.

In This Episode You Will Learn:
The role of encryption in privacy
Privacy attack trends you should be paying attention to
Why some organizations have different approaches to privacy

Some Questions We Ask:
How, and when, do privacy and security come together?
Why has a common framework been so difficult to establish?
Should regulators play a role in establishing a baseline of privacy awareness?

Resources:
View Whitney Merrill on LinkedIn
View Nic on LinkedIn
View Natalia on LinkedIn

Securing Modern Software
Oct 27 2021
The newfound popularity of the internet in the nineties spurred an obsession with hacking. Unfortunately, most movies believed that it wasn't possible to show real hacking and still be entertaining; hence all the awkward video game graphics and characters living in sketchy basements regularly yelling out, "We're in!" while pounding on their keyboards. I'd also like to address their outfit choices but now is not the appropriate time. The point is, hackers have been portrayed as the same character repeatedly when in reality, there are many possibilities to turn these skills into a legitimate career.

In this episode of Security Unlocked, hosts Natalia Godyla and Nic Fillingham are joined by Co-Founder and Chief Technology Officer at Veracode Chris Wysopal. In the ’90s, Chris was one of the first vulnerability researchers at The L0pht, a hacker think tank, where he publicized his findings on the dangers of insecure software. Chris shares guidance for anyone getting started with modern secure software development, the best tools to monitor for vulnerabilities in open-source code, and what he believes is one of the greatest threats to software development.

In This Episode You Will Learn:
How to use open-source code safely
Best tools for monitoring vulnerabilities
How to detect and respond to threats to insecure software

Some Questions We Ask:
What is modern secure software development?
What are the biggest threats to software today?
How should companies allocate ownership of secure code across the software development lifecycle?

Resources:
View Chris Wysopal on LinkedIn
View Nic on LinkedIn
View Natalia on LinkedIn

The 2021 Microsoft Digital Defense Report
Oct 20 2021
Okay, look, we know you plan on reading the entire 2021 MDDR at some point. But you're busy. Life gets in the way. We get it. Who has the time! Well, we've got the time, but that's beside the point, and honestly... fortunate for you. We've read the report front to back and have decided to cover some of it today on the podcast, but you'll still need to read all 134 pages yourself if you truly want to grasp the entire piece. Unless you want to be that person who listens to a single podcast and pretends they read the whole thing... then go ahead; we won't tell.

In this episode of Security Unlocked, hosts Natalia Godyla and Nic Fillingham are joined by Sian John, Microsoft's director of strategic growth. Sian is currently working with the business development team, exploring growth opportunities for Microsoft to strengthen security, compliance, and identity offerings that address unfulfilled needs in the market. As a security professional with over 25 years of experience, Sian accompanies us as we discuss the 2021 Microsoft Digital Defense Report, which she personally contributed to.

In This Episode You Will Learn:
The history and analysis of the 2021 Microsoft Digital Defense Report
The evolution of cybercrime services that are for sale
What's providing new attackers with access to deeper data

Some Questions We Ask:
How did Microsoft settle on the topics and themes of the 2021 MDDR?
What are some takeaways from the newly added disinformation chapter?
Why isn't Zero Trust being implemented, considering the conversations we've had that it's more critical than ever?

Resources:
2021 Microsoft Digital Defense Report
View Sian John on LinkedIn
View Natalia on LinkedIn
View Nic on LinkedIn

Mobile 4N6 101
Oct 13 2021
What would you say is the most personal possession that you own? Most would say their cell phone... unless you still have a few journals from high school. And if you do, this is your reminder that it might be time to let those go. It's become increasingly apparent lately how much info our phones collect from us, from the first app you check in the morning after waking up, recent calendar entries, and your actual heart rate by 9 am. The crazy part is most people don't give it a second thought. It doesn't interest us... until something or someone goes missing, then it becomes a road map to whatever it is you did.

In this episode of Security Unlocked, hosts Natalia Godyla and Nic Fillingham are joined by Senior Digital Forensics Researcher at Cellebrite, SANS Author and Senior Instructor Sarah Edwards. Sarah walks us through the world of mobile digital forensics while also crushing our dreams on how not so relatable it is to our favorite CSI television shows. She explains what makes mobile forensics unique while incredibly intimate and how a mobile device can be used as part of an attack chain.

In This Episode You Will Learn:
The specific tools used during a digital forensics investigation
What the typical threat landscape looks like for mobile devices
Big trends and changes happening in the past few years

Some Questions We Ask:
How is mobile forensics particularly unique?
What is typically looked for during an investigation?
How is a mobile device used as part of an attack chain?

Resources:
mac4n6.com
View Sarah Edwards on LinkedIn
View Nic on LinkedIn
View Natalia on LinkedIn
View Microsoft Security Blog

Untangling Botnets
Oct 6 2021
You're back home celebrating the holidays with friends and family, sharing stories, catching up, and discussing your plans for the year ahead. Next thing you know, that cousin who wouldn't stop sending you emails about the "future of bitcoin" and coin mining kicks the door open, and he's ready to spread some holiday knowledge. Oh yeah, he's also going to cut you in on a sweet deal he has going on with his buddy Carl, who he met at dollar wing night. Unfortunately, Carl is one of the bad guys. He is secretly infecting multiple devices with botnets, collecting crypto-cash at the expense of the naive device owners who don't know that their machines are being used.

In this episode of Security Unlocked, hosts Natalia Godyla and Nic Fillingham are re-joined by Microsoft Defender 365 threat intelligence team member Elif Kaya, whose current primary focus is with botnets, commodity threats, and phishing-delivered malware. Elif explains some of the new techniques from botnets, how they're being used for financial theft via cryptocurrency mining, and the impact on the defender's view of these actions.

In This Episode You Will Learn:
An overview and detailed description of what botnets are
The fundamentals of cryptocurrency mining & botnets on a machine
Best practices when trying to identify new botnets

Some Questions We Ask:
How can Microsoft contribute to helping take down these botnets?
What direction are the new botnets moving towards?
How common is competition-killing activity within new botnets and crypto mining?

Resources:
Phorpiex morphs: How a longstanding botnet persists and thrives in the current threat environment
When coin miners evolve, Part 1: Exposing LemonDuck and LemonCat, modern mining malware infrastructure
When coin miners evolve, Part 2: Hunting down LemonDuck and LemonCat attacks
View Elif Kaya on LinkedIn
View Natalia on LinkedIn
View Nic on LinkedIn

What the Fuzz?!
Sep 29 2021
Do you have a data science or engineering background? If so, you're in luck. If not, you're also in luck because today's guest found a way to make a few complex subjects understandable for everyone. The first of many topics... Fuzzy hashing. It might sound like an adorable, adventurous Muppet character, but I promise you the reason behind it is not cute at all. The short explanation is "fighting crime with math," and honestly, the short version is all I've got for you. So, sit back and pay attention to an episode even the hosts plan on listening to twice.

In this episode of Security Unlocked, hosts Nic Fillingham and Natalia Godyla are joined by Edir Garcia Lazo, a data scientist currently working for the Microsoft Defender Cybersecurity Artificial Intelligence Team. Edir specializes in writing cloud machine learning models for the Malware Classification sub-team, working with threat hunters, reverse engineers, or security researchers. Edir talks us through character changes in malicious payloads, polymorphic malware, and the difference between fuzzing and fuzzy hashing.

Questions we ask:
What inspired the team to look at fuzzy hashing and deep learning as techniques for detection instead of some of the more traditional methods?
Is there a limit to how much change the fuzzy hashing methodology can recognize?
What are some of the major differences between fuzzing and fuzzy hashing?

What you’ll learn:
Why fuzzy hashes aren't a cure-all and continue to have problems with radically new malware.
Differences between a perceptron and a multilayer perceptron.
The compatibility between deep learning and fuzzy hashing.

Resources:
Combing through the fuzz: Using fuzzy hashing and deep learning to counter malware detection evasion techniques
View Edir on LinkedIn
View Nic’s LinkedIn
View Natalia’s LinkedIn

The ‘Three E’s’ of Scam Disruption
Sep 22 2021
Juan Hardoy leads an international team of investigators, analysts, and lawyers inside the Digital Crimes Unit who share a joint mission to protect customers and promote trust in Microsoft technologies. Hearing that might take your imagination to a place where Juan is deputized to fight crime in digital space, and you wouldn't be completely wrong. Still, unfortunately, he's not sitting at his desk with a sheriff's badge and a cowboy hat. It's not as simple as the days in the west, where you can challenge someone to a duel because of a simple "Pop Up" and claim victory with a glass of whiskey, moving on to the next town with problems. Because in every organization, there's at least one person that will click on anything. These issues will continue to grow and evolve in a world where international and national law enforcement are needed, along with a team of investigators creating what some would call the "secret sauce" for tackling cybercrime.

In this episode of Security Unlocked, hosts Natalia Godyla and Nic Fillingham are joined by Juan Hardoy, an assistant general counsel with the DCU, to discuss his partnership with governments, elected officials, and policymakers. Juan explains the proactive action against cybercriminals trying to hurt our customers, why people aren't going to use our technology or the internet if they don't trust it, and how they bring them to justice in the form of criminal referrals with civil actions.

In this episode you will learn:
How Juan earned the role of assistant general counsel
What new services and technology criminals are using
Why education is the best defense against cybercrime and tech scams

Some questions we ask:
Are there any tactics that Microsoft tried in the past that didn't successfully stop the tech support scammers?
What is the mission of the digital crimes unit and how do they partner with government and elected officials?
Why do tech support scammers seem to target consumers and individuals instead of enterprises and organizations?

Resources:
Visit Juan Hardoy on LinkedIn
Visit Natalia on LinkedIn
Visit Nic on LinkedIn
Visit Microsoft Security Blog

Entering the Virtual Battlefield
Sep 15 2021
Have you ever thought about a career in threat intelligence or cyber security? Possibly finishing school with a degree in computer programming and feeling overwhelmed with what to do next? Don't worry; we've all experienced this. Maybe not specifically with computer programming, but the figuring it out aspect. You could be ending active military service and working in cyber operations, helping offensive and defensive cyberspace operations, wondering about the next step. The thought of making the transition from military to private industry can be exciting but also nerve-racking. The good news is that there are many different roads to travel, and with the experience and education you've obtained, you'll most likely have more options than you could have ever imagined.

In this episode of Security Unlocked, host Natalia Godyla is joined by Senior Threat Intelligence Analyst Justin Underwood, an army veteran with the personality and charm to calm your nerves. Currently working for a group known as OPTIC, the Operational Threat Intelligence Center at Microsoft, Justin and Natalia discuss his time at Bank of America and Xbox. He explains how it gave him a better understanding of cybersecurity, how he obtained the title of Human Intelligence Collector, and what helped him transition from the army into the world of threat intelligence and cyber security.

In This Episode You Will Learn:
How to find your place in the world of cybersecurity
The challenges faced when making the transition from military to private industry
What the role of a Human Intelligence Collector is

Some Questions We Ask:
How does military experience help you succeed in the private industry?
What military tools are used and overlap in the private sector?
What are some big projects currently being worked on?

Resources:
View Justin Underwood on LinkedIn
View Nic on LinkedIn
View Natalia on LinkedIn
Visit Microsoft Security Blog

Battling BazaCall BuzzKill
Sep 1 2021
It's finally Friday. You successfully made it through another week and the weekend is so close you can taste it. You pour yourself a bowl of your favorite cereal, but before you can get that first bite your phone rings. It's a random number, but for some reason you're feeling chatty and decide to answer. Unfortunately, it's a robot that somehow knows your name and is asking for your social security number, home address, and password from that first AOL account you made in 1998! It’s easy to recognize classic scams like these, but some of the newer, creative scams can be more challenging to identify. One of these is called BazaCall, and they don’t call you – oh, no. BazaCall will have YOU calling THEM!

In this episode of Security Unlocked, host Natalia Godyla is re-joined by Microsoft Threat Analysts Emily Hacker and Justin Carroll to talk about a relatively new delivery method for malware and ransomware called BazaCall campaigns. They discuss the different delivery methods used, how attackers evade detection, and where the attack chain begins.

In This Episode You Will Learn:
What makes BazaCall campaigns unique from other email/phone scams
How the delivery system works
About a new technique called “double extortion”

Some Questions We Ask:
What is the flow of the attack chain?
What are some new tactics used by BazaCall centers?
How can organizations mitigate attacks?

Resources:
BazaCall: Phony call centers lead to exfiltration and ransomware
View Emily on LinkedIn
View Justin on LinkedIn
View Natalia on LinkedIn

Turning to the Purple Side
Aug 25 2021
Picture this: you’re working on new software that will revolutionize your industry. You’ve got your work cut out for you, from design to programming to integration. But what about security? Keeping your software secure should be in the conversation from day one, but not all developers are well-versed in application security. The good news is that you’re not alone, and even if this picture that we’ve painted isn’t of you, there are still very accessible ways to learn about application security and information security. One of these ways is We Hack Purple, created by a Microsoft alumnus.
In this episode of Security Unlocked, hosts Natalia Godyla and Nic Fillingham are joined by the founder of We Hack Purple and former Microsoft Senior Cloud Advocate, Tanya Janca, to discuss her company, trainings, and why it’s so important to keep up with the newest movements in the world of security. Before founding her company, Tanya found herself red-teaming and blue-teaming, and declared herself in the world of Purple. She brings us into that world, breaks down the app-sec framework, and even gives a few sci-fi book recommendations.
In This Episode You Will Learn:
How to keep up with new practices for security professionals
The framework for application security
How to work with and communicate effectively with software developers
Some Questions We Ask:
How do we bridge the gap between developers and the security world?
What are the pros and cons of threat modeling?
Who should get involved in application security?
Resources:
We Hack Purple
View Tanya on LinkedIn
View Natalia on LinkedIn
View Nic on LinkedIn
Related:
Listen to: Afternoon Cyber Tea with Ann Johnson
Listen to: Security Unlocked
Discover and follow other Microsoft podcasts at microsoft.com/podcasts
Security Unlocked is produced by Microsoft and distributed as part of The CyberWire Network.
Hosted on Acast. See acast.com/privacy for more information.
Protecting the Power Grid
Aug 18 2021
Electricity is all around us. In fact, you’re using it to read this right now. It powers (no pun intended) our everyday lives, and it works without us having to think about it. It’s kind of like breathing. I mean, you don’t have to tell your lungs “Hey! Start breathing right now!” But just like with breathing, the problems that can follow an interruption of electricity can be deadly. It shouldn’t be shocking (pun intended) that keeping power grids secure is an international priority.
In this episode of Security Unlocked, hosts Natalia Godyla and Nic Fillingham are joined by Microsoft’s Chief Security Advisor, Hafid Elabdellaoui, to talk about making our power grids safe and stable. So much relies on the stability of our power grids, it’s easy to forget how dependent we are. Hafid discusses the growing concerns with supply chain attacks and explains the importance of cyber hygiene at all levels of an organization.
In This Episode You Will Learn:
The challenges of bringing new security practices to the old field of utilities
Where cybersecurity meets physical security when utilities companies are under threats
Why keeping a software inventory is crucial to your security
Some Questions We Ask:
How do current power grid risks and threats compare to concerns 20 years ago?
How do utilities companies work with the government to prevent large-scale power grid failures?
How does Microsoft prepare for potential threats, and practice their responses?
Resources:
Defending the power grid against supply chain attacks—Part 1: The risk defined
Defending the power grid against supply chain attacks—Part 2: Securing hardware and software
Defending the power grid against supply chain attacks—Part 3: Risk management strategies for the utilities industry
View Hafid Elabdellaoui on LinkedIn
View Nic on LinkedIn
View Natalia on LinkedIn
Related:
Listen to: Afternoon Cyber Tea with Ann Johnson
Listen to: Security Unlocked
Discover and follow other Microsoft podcasts at microsoft.com/podcasts
Security Unlocked is produced by Microsoft and distributed as part of The CyberWire Network.
Hosted on Acast. See acast.com/privacy for more information.
Making the Leap to the Cloud
Aug 11 2021
8 trillion. It’s kind of a big number, right? That’s how many signals are collected, processed, and analyzed by Microsoft’s security team every single day. Those signals are travelling from the cloud, coming through endpoints, coming through Bing, coming through Xbox. All of these signals are turned into intelligence, and if you’re a cloud user, that intelligence is an asset to your security. By making the leap to the cloud, the power, size, and flexibility of Microsoft’s threat intelligence becomes your resource.
In this episode of Security Unlocked, hosts Nic Fillingham and Natalia Godyla are re-joined by Microsoft’s Chief Security Advisor, Sarah Armstrong-Smith, to dive deeper into the back half of her four-part series on Becoming Resilient. We explore different cloud models, the shared responsibility of your cloud service provider, and the growing risks of insider threats.
In This Episode You Will Learn:
Best practices on switching to the cloud and ensuring utmost security
Why you need to adapt to stay ahead of threats
How to build security cleanly into your foundation and keep it from being a messy afterthought
Some Questions We Ask:
What do new users gain by moving to the cloud?
What errors are organizations making when moving to the cloud?
How do we effectively communicate with our security team about business decisions?
Resources:
Becoming resilient by understanding cybersecurity risks: Part 1
Becoming resilient by understanding cybersecurity risks: Part 2
Becoming resilient by understanding cybersecurity risks: Part 3—a security pro’s perspective
Becoming resilient by understanding cybersecurity risks: Part 4—navigating current threats
Cloud Adoption Framework
View Sarah Armstrong-Smith on LinkedIn
View Natalia on LinkedIn
View Nic on LinkedIn
Related:
Listen to: Afternoon Cyber Tea with Ann Johnson
Listen to: Security Unlocked
Discover and follow other Microsoft podcasts at microsoft.com/podcasts
Security Unlocked is produced by Microsoft and distributed as part of The CyberWire Network.
Hosted on Acast. See acast.com/privacy for more information.
Mary Had a Little Scam Report
Aug 4 2021
How likely are you to fall for a scam? Survey Says… depends on your demographic. Scammers are evolving, from cold calls on the phone, to computer desktop pop-ups with nagging alarm sounds, to buying out search terms like “email support.” Tech support scams have become an ever-present threat in our online world with 3 out of 5 people globally experiencing them and 1 out of 6 people actually giving their money or personal information to the scammers. Even though there are some honorable people who do what they can to help prevent others from being scammed, the prevalence of these frauds shows they aren’t going away anytime soon.
On this episode of Security Unlocked, hosts Nic Fillingham and Natalia Godyla chat with Mary Jo Schrade, the Asia Regional Lead for Microsoft’s Digital Crimes Unit, about the most recent Global Tech Support Scam Research. The survey covers over 16,000 people in 16 countries and reveals some insights that will leave some feeling hopeful, and some feeling... a little concerned. It’s a relief to know that scam awareness is on the rise globally; however, the groups most susceptible to giving money to scammers may shock you.
In This Episode You Will Learn:
Which regions are being targeted most
How to help those you think are susceptible
How to recover your money after you’ve been scammed
Some Questions We Ask:
Who is falling for these scams?
How has the public’s awareness shifted over the past few years?
Is it ok to pretend to fall for a scam in order to waste a scammer’s time?
Resources:
Global Tech Support Scam Research
Report a scam
Mary Jo Schrade’s LinkedIn
Microsoft Security Blog
Nic’s LinkedIn
Natalia’s LinkedIn
Related:
Listen to: Afternoon Cyber Tea with Ann Johnson
Listen to: Security Unlocked: CISO Series with Bret Arsenault
Discover and follow other Microsoft podcasts at microsoft.com/podcasts
Security Unlocked is produced by Microsoft and distributed as part of The CyberWire Network.
Hosted on Acast. See acast.com/privacy for more information.