Security Unlocked


Security Unlocked explores the technology and people powering Microsoft's Security solutions. In each episode, Microsoft Security evangelists Nic Fillingham and Natalia Godyla take a closer look at the latest innovations in threat intelligence, security research, and data science, with a special focus on demystifying artificial intelligence and machine learning. Be sure to listen in and subscribe! See acast.com/privacy for privacy and opt-out information.

Microsoft


    • Feb 16, 2022 LATEST EPISODE
    • infrequent NEW EPISODES
    • 32m AVG DURATION
    • 96 EPISODES



    Latest episodes from Security Unlocked

    Cryptojacking, and Farewell for Now!

    Feb 16, 2022 · 36:33


    The success of crypto inspired dozens of other cryptocurrencies like Ethereum, Tether, and Dogecoin. Today, people worldwide use cryptocurrencies to buy things, sell things, and make investments. One thing is certain; digital currencies are here to stay, no matter how many times you have to explain what a bitcoin is. Unfortunately, it also created the world of cryptojacking, a form of cybercrime that remains completely hidden from the target and can infect millions of computers with cryptojacking malware. Which brings us to the fundamental question: What can organizations do to protect themselves?

    In this episode of Security Unlocked, hosts Natalia Godyla and Nic Fillingham are joined by Microsoft senior software engineer Amitrajit Banerjee and senior staff architect at Intel Rahul Ghosh to discuss the history and prevalence of cryptojacking. The push behind a cryptojacking attack is almost always motivated by money. Mining cryptocurrencies can be very lucrative, but making a profit is challenging unless you cover high costs. They discuss the importance of understanding the actual concept of mining, how victims' CPU power and computing resources can be used, and why it isn't easy in general to detect crypto miners.

    In This Episode You Will Learn:
    • How prevalent is cryptojacking and who should be worried
    • When and how people are exposed to these new types of threats
    • Why you should be familiar with cryptojacking

    Some Questions We Ask:
    • How are victims' CPU power and computing resources used to mine cryptocurrencies?
    • What created this environment where cryptojacking is possible?
    • What are some general techniques when trying to identify cryptojacking?

    Resources:
    • The increasing threat of cryptocurrency miners
    • Defending against cryptojacking
    • Guidance for preventing, detecting, and hunting for exploitation
    • View Amitrajit Banerjee on LinkedIn
    • View Rahul Ghosh on LinkedIn
    • View Nic on LinkedIn
    • View Natalia on LinkedIn

    Related:
    • Listen to: Security Unlocked: CISO Series with Bret Arsenault
    • Listen to: Afternoon Cyber Tea with Ann Johnson

    Security Unlocked is produced by Microsoft and distributed as part of The CyberWire Network.

    A look at Cybercrime in 2021

    Feb 2, 2022 · 41:48


    Ransomware attacks have never been so successful. The returns from these attacks are soaring and only becoming easier to conduct. In chapter two of the Microsoft Digital Defense Report, the growing threat of cybercrime is covered in great detail. As we continue to go over the MDDR, it's more apparent than ever that the cybercrime economy and services it provides are stronger and more complex than ever. Cryptocurrency, malware, and adversarial machine learning are just a few of the topics we believe need to be covered in more detail.

    In this episode of Security Unlocked, hosts Natalia Godyla and Nic Fillingham are joined by Jason Lyons, principal investigator in the digital crimes unit at Microsoft. Jason is an experienced investigator specializing in computer investigations. He is trained and experienced in hacker methodology/techniques, computer forensics, and incident response. Jason joined the show to discuss chapter two of the Microsoft Digital Defense Report, which focuses on the state of cybercrime. He also speaks on how cryptocurrency has created new challenges in ransomware, why ransomware continues to grow, and recent trends we are currently seeing in malware.

    In This Episode You Will Learn:
    • How to decide whether to pay the ransomware or not
    • New ways for security teams to protect against malware
    • Why we are seeing a rise in cybercrime due to cryptocurrency

    Some Questions We Ask:
    • What's new in the way the cybercrime economy operates?
    • Why is ransomware still such a big thing and maybe even getting bigger?
    • What trends are we seeing with malware right now?

    Resources:
    • Microsoft Digital Defense Report
    • View Jason Lyons on LinkedIn
    • View Nic on LinkedIn
    • View Natalia on LinkedIn

    What's a BISO?

    Jan 19, 2022 · 40:21


    Everything is exciting and new when you're a kid, and curiosity inspires many of us to branch out and try new things. For some, that means drawing from our imagination or trying all kinds of sports. And for others it means spending days at the library, checking out books on modem communications, and eventually hacking into the local dial-up community service. That's just a random example, of course... Either way, curiosity can be a powerful tool, even at a young age. To the point that it may help kickstart a career you didn't even know existed.

    In this episode of Security Unlocked, host Natalia Godyla is joined by S&P Global Ratings BISO Alyssa Miller. Alyssa is a life-long hacker and highly experienced security executive. She runs the security strategy for S&P Global Ratings as the Business Information Security Officer (BISO), bringing together corporate security objectives and business objectives. Natalia and Alyssa discuss her journey in security from a young and curious hacker to a BISO of the largest credit-rating agency, and how she is shaping what the role of the BISO will be for future generations.

    In This Episode You Will Learn:
    • What are the roles and responsibilities of a BISO
    • How a BISO should interact with the rest of the organization
    • How to put yourself on track to become a BISO

    Some Questions We Ask:
    • What are the gaps that the BISO function is trying to address?
    • What other roles should exist in security, but don't?
    • How will the BISO role evolve over time?

    Resources:
    • View Alyssa Miller on LinkedIn
    • View Nic on LinkedIn
    • View Natalia on LinkedIn

    Disinformation in the Enterprise

    Jan 5, 2022 · 35:36


    Disinformation refers to the calculated use of false information to influence others and has been a steadily growing form of information warfare. Unfortunately, disinformation is everywhere these days, often hidden in plain sight. Criminals will also adapt and take advantage of technologies, such as AI and deepfakes, to increase the effectiveness of disinformation campaigns. Of course, there are ways to combat these types of attacks, and we cover recommendations for protecting the enterprise in the 2021 Microsoft Digital Defense Report (MDDR).

    In this episode of Security Unlocked, hosts Natalia Godyla and Nic Fillingham are joined by the Director of Enterprise Continuity and Resilience at Microsoft, Irfan Mirza, who authored the chapter on disinformation in the enterprise in the 2021 MDDR. Irfan joins to discuss what disinformation is, why the use of disinformation is growing, how cognitive hacking occurs, and how cybersecurity can start thinking about adapting their strategies.

    In This Episode You Will Learn:
    • How to identify disinformation campaigns
    • How to train users and protect your organization from disinformation
    • Why we need AI to defend against disinformation

    Some Questions We Ask:
    • What is the difference between misinformation and disinformation?
    • How does disinformation impact cybersecurity?
    • What new skills do cybersecurity professionals need to be able to protect the enterprise from this new threat?

    Resources:
    • Microsoft Digital Defense Report 2021
    • View Irfan Mirza on LinkedIn
    • View Nic on LinkedIn
    • View Natalia on LinkedIn

    I am Shroot-less

    Dec 22, 2021 · 36:45


    Microsoft works around the clock to protect their customers, no matter what product they're using, Microsoft or otherwise. In some instances Microsoft teams up with other companies, creating an all-star cybersecurity team, to handle newly discovered vulnerabilities. It helps everyone stay more secure, and of course, that's the ultimate goal, right?

    In this episode of Security Unlocked, hosts Natalia Godyla and Nic Fillingham are re-joined by Jonathan Bar Or, Principal Security Researcher at Microsoft. Jonathan discusses the recently discovered vulnerability that could let attackers bypass System Integrity Protection (SIP) in macOS, why he believes in investing in cross-platform protection, and the importance of collaboration between security researchers, software vendors, and the larger security community.

    In This Episode You Will Learn:
    • What is System Integrity Protection (SIP)
    • How attackers can bypass SIP
    • How attackers can use the Shrootless vulnerability

    Some Questions We Ask:
    • How did you find the Shrootless vulnerability?
    • How do you decide what products to assess?
    • How does the process of submitting a vulnerability to Apple work?

    Resources:
    • Microsoft finds new macOS vulnerability - Shrootless
    • View Jonathan Bar Or on LinkedIn
    • View Nic on LinkedIn
    • View Natalia on LinkedIn

    Decoding NOBELIUM

    Dec 8, 2021 · 49:29


    In December 2020, Microsoft began sharing information with the cybersecurity industry on a group of Russia-based hackers who gained access to multiple enterprises through vulnerable software code, stolen passwords, compromised on-premises servers, and minted SAML tokens. In this supply chain attack, hackers could access the SolarWinds code, slip malicious code into a piece of the software, and use the vendor's legitimate software updates to spread malware to customer systems.

    Security Unlocked is excited to share with you, Decoding NOBELIUM. The docuseries gives you an inside look into the NOBELIUM incident, now viewed as one of the most advanced nation-state and supply chain attacks in history, with stories from the frontline defenders who tracked and responded to the attackers.

    Resources:
    • Decoding NOBELIUM: Video Series Defending Against Nation-State Attacks | Microsoft Security
    • View Natalia on LinkedIn
    • View Nic on LinkedIn

    Trusting Your Hybrid Workforce

    Nov 24, 2021 · 41:45


    We are back, covering more of the 2021 Microsoft Digital Defense Report, and this time we're taking a deep dive into chapter five on Hybrid Workforce Security and Zero Trust. Zero Trust means precisely what it sounds like, never assuming any device or identity is secure; it's like having major trust issues, but in a professional way. With most businesses moving to remote work because of the pandemic, cybercriminals, of course, found new ways to take advantage, especially since most people are now moving between business and personal activity online. For the first time, we're going to cover a full 12-month recap of what securing the hybrid workforce has been like.

    In this episode of Security Unlocked, hosts Natalia Godyla and Nic Fillingham are joined by Carmichael Patton, Lead Architect for Microsoft's Internal Zero Trust Deployment. Carmichael joins the show to discuss security challenges and trends impacting the hybrid workforce, the three most significant insider risk vulnerabilities, and why some customers are still not using MFA.

    In This Episode You Will Learn:
    • Security challenges and trends impacting the hybrid workforce
    • How Microsoft approached their Zero Trust journey
    • Prioritizing security initiatives during a time of massive change

    Some Questions We Ask:
    • What were some of the major hybrid workforce attacks?
    • Why are some customers still not using MFA?
    • When and how should you deal with insider risk?

    Resources:
    • Zero Trust Adoption Report
    • The 2021 Microsoft Digital Defense Report
    • View Carmichael Patton on LinkedIn
    • View Nic on LinkedIn
    • View Natalia on LinkedIn

    When Privacy Meets Security

    Nov 10, 2021 · 39:06


    The way most people operate online these days, what would you even consider private anymore? We are so quick to share details about our job, home, friends, and family without even thinking about how much personal info we're giving away. Privacy and user agreements are a part of almost everyone's life at this point, and what do you know about them? For the most part, we often see a user agreement pop up, click agree and move on, but do you know what you just agreed to? Privacy choices have become routine, though they shouldn't be.

    In this episode of Security Unlocked, hosts Natalia Godyla and Nic Fillingham are joined by Privacy Counsel and Data Protection Officer at Asana, Whitney Merrill. She is an accomplished attorney with 7+ years of privacy, data security, and data governance experience. Whitney discusses how to avoid common privacy mistakes, current privacy attack trends, and the importance of thinking like an attacker.

    In This Episode You Will Learn:
    • The role of encryption in privacy
    • Privacy attack trends you should be paying attention to
    • Why some organizations have different approaches to privacy

    Some Questions We Ask:
    • How, and when, do privacy and security come together?
    • Why has a common framework been so difficult to establish?
    • Should regulators play a role in establishing a baseline of privacy awareness?

    Resources:
    • View Whitney Merrill on LinkedIn
    • View Nic on LinkedIn
    • View Natalia on LinkedIn

    Securing Modern Software

    Oct 27, 2021 · 22:07


    The newfound popularity of the internet in the nineties spurred an obsession with hacking. Unfortunately, most movies believed that it wasn't possible to show real hacking and still be entertaining; hence all the awkward video game graphics and characters living in sketchy basements regularly yelling out, "We're in!" while pounding on their keyboards. I'd also like to address their outfit choices but now is not the appropriate time. The point is, hackers have been portrayed as the same character repeatedly when in reality, there are many possibilities to turn these skills into a legitimate career.

    In this episode of Security Unlocked, hosts Natalia Godyla and Nic Fillingham are joined by Co-Founder and Chief Technology Officer at Veracode, Chris Wysopal. In the '90s, Chris was one of the first vulnerability researchers at The L0pht, a hacker think tank, where he publicized his findings on the dangers of insecure software. Chris shares guidance for anyone getting started with modern secure software development, the best tools to monitor for vulnerabilities in open-source code, and shares what he believes is one of the greatest threats to software development.

    In This Episode You Will Learn:
    • How to use open-source code safely
    • Best tools for monitoring vulnerabilities
    • How to detect and respond to threats to insecure software

    Some Questions We Ask:
    • What is modern secure software development?
    • What are the biggest threats to software today?
    • How should companies allocate ownership of secure code across the software development lifecycle?

    Resources:
    • View Chris Wysopal on LinkedIn
    • View Nic on LinkedIn
    • View Natalia on LinkedIn

    The 2021 Microsoft Digital Defense Report

    Oct 20, 2021 · 39:58


    Okay, look, we know you plan on reading the entire 2021 MDDR at some point. But you're busy. Life gets in the way. We get it. Who has the time! Well, we've got the time, but that's beside the point, and honestly... fortunate for you. We've read the report front to back and have decided to cover some of it today on the podcast, but you'll still need to read all 134 pages yourself if you truly want to grasp the entire piece. Unless you want to be that person who listens to a single podcast and pretends they read the whole thing... then go ahead; we won't tell.

    In this episode of Security Unlocked, hosts Natalia Godyla and Nic Fillingham are joined by Sian John, Microsoft's director of strategic growth. Sian is currently working with the business development team, exploring growth opportunities for Microsoft to strengthen security, compliance, and identity offerings that address unfulfilled needs in the market. As a security professional with over 25 years of experience, Sian accompanies us as we discuss the 2021 Microsoft Digital Defense Report, which she personally contributed to.

    In This Episode You Will Learn:
    • The history and analysis of the 2021 Microsoft Digital Defense Report
    • The evolution of cybercrime services that are for sale
    • What's providing new attackers with access to deeper data

    Some Questions We Ask:
    • How did Microsoft settle on the topics and themes of the 2021 MDDR?
    • What are some takeaways from the newly added disinformation chapter?
    • Why isn't Zero Trust being implemented, considering the conversations we've had that it's more critical than ever?

    Resources:
    • 2021 Microsoft Digital Defense Report
    • View Sian John on LinkedIn
    • View Natalia on LinkedIn
    • View Nic on LinkedIn

    Mobile 4N6 101

    Oct 13, 2021 · 35:34


    What would you say is the most personal possession that you own? Most would say their cell phone... unless you still have a few journals from high school. And if you do, this is your reminder that it might be time to let those go. It's become increasingly apparent lately how much info our phones collect from us, from the first app you check in the morning after waking up, recent calendar entries, and your actual heart rate by 9 am. The crazy part is most people don't give it a second thought. It doesn't interest us... until something or someone goes missing, then it becomes a road map to whatever it is you did.

    In this episode of Security Unlocked, hosts Natalia Godyla and Nic Fillingham are joined by Senior Digital Forensics Researcher at Cellebrite, SANS Author and Senior Instructor Sarah Edwards. Sarah walks us through the world of mobile digital forensics while also crushing our dreams on how not so relatable it is to our favorite CSI television shows. She explains what makes mobile forensics unique while incredibly intimate and how a mobile device can be used as part of an attack chain.

    In This Episode You Will Learn:
    • The specific tools used during a digital forensics investigation
    • What the typical threat landscape looks like for mobile devices
    • Big trends and changes happening in the past few years

    Some Questions We Ask:
    • How is mobile forensics particularly unique?
    • What is typically looked for during an investigation?
    • How is a mobile device used as part of an attack chain?

    Resources:
    • mac4n6.com
    • View Sarah Edwards on LinkedIn
    • View Nic on LinkedIn
    • View Natalia on LinkedIn
    • View Microsoft Security Blog

    Untangling Botnets

    Oct 6, 2021 · 37:39


    You're back home celebrating the holidays with friends and family, sharing stories, catching up, and discussing your plans for the year ahead. Next thing you know, that cousin who wouldn't stop sending you emails about the "future of bitcoin" and coin mining kicks the door open, and he's ready to spread some holiday knowledge. Oh yeah, he's also going to cut you in on a sweet deal he has going on with his buddy Carl, who he met at dollar wing night. Unfortunately, Carl is one of the bad guys. He is secretly infecting multiple devices with botnets, collecting crypto-cash at the expense of the naive device owners who don't know that their machines are being used.

    In this episode of Security Unlocked, hosts Natalia Godyla and Nic Fillingham are re-joined by Microsoft Defender 365 threat intelligence team member Elif Kaya, whose current primary focus is with botnets, commodity threats, and phishing-delivered malware. Elif explains some of the new techniques from botnets, how they're being used for financial theft via cryptocurrency mining, and the impact on the defender's view of these actions.

    In This Episode You Will Learn:
    • An overview and detailed description of what botnets are
    • The fundamentals of cryptocurrency mining & botnets on a machine
    • Best practices when trying to identify new botnets

    Some Questions We Ask:
    • How can Microsoft contribute to helping take down these botnets?
    • What direction are the new botnets moving towards?
    • How common is competition-killing activity within new botnets and crypto mining?

    Resources:
    • Phorpiex morphs: How a longstanding botnet persists and thrives in the current threat environment
    • When coin miners evolve, Part 1: Exposing LemonDuck and LemonCat, modern mining malware infrastructure
    • When coin miners evolve, Part 2: Hunting down LemonDuck and LemonCat attacks
    • View Elif Kaya on LinkedIn
    • View Natalia on LinkedIn
    • View Nic on LinkedIn

    What the Fuzz?!

    Sep 29, 2021 · 36:57


    Do you have a data science or engineering background? If so, you're in luck. If not, you're also in luck because today's guest found a way to make a few complex subjects understandable for everyone. The first of many topics... Fuzzy hashing. It might sound like an adorable, adventurous Muppet character, but I promise you the reason behind it is not cute at all. The short explanation is "fighting crime with math," and honestly, the short version is all I've got for you. So, sit back and pay attention to an episode even the hosts plan on listening to twice.

    In this episode of Security Unlocked, hosts Nic Fillingham and Natalia Godyla are joined by Edir Garcia Lazo, a data scientist currently working for the Microsoft Defender Cybersecurity Artificial Intelligence Team. Edir specializes in writing cloud machine learning models for the Malware Classification sub-team, working with threat hunters, reverse engineers, or security researchers. Edir talks us through character changes in malicious payloads, polymorphic malware, and the difference between fuzzing and fuzzy hashing.

    Questions we ask:
    • What inspired the team to look at fuzzy hashing and deep learning as techniques for detection instead of some of the more traditional methods?
    • Is there a limit to how much change the fuzzy hashing methodology can recognize?
    • What are some of the major differences between fuzzing and fuzzy hashing?

    What you'll learn:
    • Why fuzzy hashes aren't a cure-all and continue to have problems with radically new malware.
    • Differences between perceptron and a multilayer perceptron.
    • The compatibility between deep learning and fuzzy hashing.

    Resources:
    • Combing through the fuzz: Using fuzzy hashing and deep learning to counter malware detection evasion techniques
    • View Edir on LinkedIn
    • View Nic's LinkedIn
    • View Natalia's LinkedIn

    The ‘Three E's' of Scam Disruption

    Sep 22, 2021 · 36:25


    Juan Hardoy leads an international team of investigators, analysts, and lawyers inside the Digital Crimes Unit who share a joint mission to protect customers and promote trust in Microsoft technologies. Hearing that might take your imagination to a place where Juan is deputized to fight crime in digital space, and you wouldn't be completely wrong. Still, unfortunately, he's not sitting at his desk with a sheriff's badge and a cowboy hat. It's not as simple as the days in the west, where you can challenge someone to a duel because of a simple "Pop Up" and claim victory with a glass of whiskey, moving on to the next town with problems. Because in every organization, there's at least one person that will click on anything. These issues will continue to grow and evolve in a world where international and national law enforcement are needed, along with a team of investigators creating what some would call the "secret sauce" for tackling cybercrime.

    In this episode of Security Unlocked, hosts Natalia Godyla and Nic Fillingham are joined by Juan Hardoy, an assistant general counsel with the DCU, to discuss his partnership with governments, elected officials, and policymakers. Juan explains the proactive action against cybercriminals trying to hurt our customers, why people aren't going to use our technology or the internet if they don't trust it, and how they bring them to justice in the form of criminal referrals with civil actions.

    In this episode you will learn:
    • How Juan earned the role of assistant general counsel
    • What new services and technology criminals are using
    • Why education is the best defense against cybercrime and tech scams

    Some questions we ask:
    • Are there any tactics that Microsoft tried in the past that didn't successfully stop the tech support scammers?
    • What is the mission of the digital crimes unit and how do they partner with government and elected officials?
    • Why do tech support scammers seem to target consumers and individuals instead of enterprises and organizations?

    Resources:
    • Visit Juan Hardoy on LinkedIn
    • Visit Natalia on LinkedIn
    • Visit Nic on LinkedIn
    • Visit Microsoft Security Blog

    Entering the Virtual Battlefield

    Sep 15, 2021 · 35:45


    Have you ever thought about a career in threat intelligence or cyber security? Possibly finishing school with a degree in computer programming and feel overwhelmed with what to do next? Don't worry; we've all experienced this. Maybe not specifically with computer programming, but the figuring it out aspect. You could be ending active military service and working in cyber operations, helping offensive and defensive cyberspace operations, wondering about the next step. The thought of making the transition from military to private industry can be exciting but also nerve-racking. The good news is that there are many different roads to travel, and with the experience and education you've obtained, you'll most likely have more options than you could have ever imagined.

    In this episode of Security Unlocked, host Natalia Godyla is joined by Senior Threat Intelligence Analyst Justin Underwood, an army veteran with the personality and charm to calm your nerves. Currently working for a group known as OPTIC, the Operational Threat Intelligence Center at Microsoft, Justin and Natalia discuss his time at Bank of America and Xbox. He explains how it gave him a better understanding of cybersecurity, how he obtained the title of Human Intelligence Collector, and what helped him transition from the army into the world of threat intelligence and cyber security.

    In This Episode You Will Learn:
    • How to find your place in the world of cybersecurity
    • The challenges faced when making the transition from military to private industry
    • What the role of a Human Intelligence Collector is

    Some Questions We Ask:
    • How does military experience help you succeed in the private industry?
    • What military tools are used and overlap in the private sector?
    • What are some big projects currently being worked on?

    Resources:
    • View Justin Underwood on LinkedIn
    • View Nic on LinkedIn
    • View Natalia on LinkedIn
    • Visit Microsoft Security Blog

    Battling BazaCall BuzzKill

    Sep 1, 2021 · 35:43


    It's finally Friday. You successfully made it through another week and the weekend is so close you can taste it. You pour yourself a bowl of your favorite cereal, but before you can get that first bite your phone rings. It's a random number, but for some reason you're feeling chatty and decide to answer. Unfortunately, it's a robot that somehow knows your name and is asking for your social security number, home address, and password from that first AOL account you made in 1998! It's easy to recognize classic scams like these, but some of the newer, creative scams can be more challenging to identify. One of these is called BazaCall, and they don't call you – oh, no. BazaCall will have YOU calling THEM!

    In this episode of Security Unlocked, host Natalia Godyla is re-joined by Microsoft Threat Analysts Emily Hacker and Justin Carroll to talk about a relatively new delivery method for malware and ransomware called BazaCall campaigns. They discuss the different delivery methods used, how attackers evade detection, and where the attack chain begins.

    In This Episode You Will Learn:
    • What makes BazaCall campaigns unique from other email/phone scams
    • How the delivery system works
    • About a new technique called “double extortion”

    Some Questions We Ask:
    • What is the flow of the attack chain?
    • What are some new tactics used by BazaCall centers?
    • How can organizations mitigate attacks?

    Resources:
    • BazaCall: Phony call centers lead to exfiltration and ransomware
    • View Emily on LinkedIn
    • View Justin on LinkedIn
    • View Natalia on LinkedIn

    Turning to the Purple Side

    Aug 25, 2021 25:23


    Picture this: you're working on new software that will revolutionize your industry. You've got your work cut out for you, from design to programming to integration. But what about security? Keeping your software secure should be in the conversation from day one, but not all developers are well-versed in application security. The good news is that you're not alone, and even if this picture that we've painted isn't of you, there are still very accessible ways to learn about application security and information security. One of these ways is We Hack Purple, created by a Microsoft alumnus.   In this episode of Security Unlocked, hosts Natalia Godyla and Nic Fillingham are joined by the founder of We Hack Purple and former Microsoft Senior Cloud Advocate, Tanya Janca, to discuss her company, trainings, and why it's so important to keep up with the newest movements in the world of security. Before founding her company, Tanya found herself red-teaming and blue-teaming, and declared herself in the world of Purple. She brings us into that world, breaks down the app-sec framework, and even gives a few sci-fi book recommendations.   In This Episode You Will Learn:    How to keep up with new practices for security professionals  The framework for application security  How to work with and communicate effectively with software developers  Some Questions We Ask:    How do we bridge the gap between developers and the security world?  What are the pros and cons of threat modeling?  Who should get involved in application security?   Resources:   We Hack Purple  View Tanya on LinkedIn  View Natalia on LinkedIn  View Nic on LinkedIn

    Enterprise Dish: Windows 365 Pricing and the LTSC of Windows 11

    Aug 20, 2021 27:06


    On this edition of the Enterprise Dish, Microsoft pulls back the curtain on Windows 365 pricing, Windows 11 LTSC is confirmed but the wait is long, and chip shortages are impacting decisions. Check out the upcoming webinar with SmartDeploy! 

    Protecting the Power Grid

    Aug 18, 2021 36:09


    Electricity is all around us. In fact, you're using it to read this right now. It powers (no pun intended) our everyday lives, and it works without us having to think about it. It's kind of like breathing. I mean, you don't have to tell your lungs “Hey! Start breathing right now!” But just like with breathing, the problems that can follow an interruption of electricity can be deadly. It shouldn't be shocking (pun intended) that keeping power grids secure is an international priority. In this episode of Security Unlocked, hosts Natalia Godyla and Nic Fillingham are joined by Microsoft's Chief Security Advisor, Hafid Elabdellaoui, to talk about making our power grids safe and stable. So much relies on the stability of our power grids, it's easy to forget how dependent we are. Hafid discusses the growing concerns with supply chain attacks and explains the importance of cyber hygiene at all levels of an organization. In This Episode You Will Learn:  The challenges of bringing new security practices to the old field of utilities Where cybersecurity meets physical security when utilities companies are under threats Why keeping a software inventory is crucial to your security Some Questions We Ask:  How do current power grid risks and threats compare to concerns 20 years ago? How do utilities companies work with the government to prevent large-scale power grid failures? How does Microsoft prepare for potential threats, and practice their responses?   
Resources: Defending the power grid against supply chain attacks—Part 1: The risk defined Defending the power grid against supply chain attacks—Part 2: Securing hardware and software Defending the power grid against supply chain attacks—Part 3: Risk management strategies for the utilities industry View Hafid Elabdellaoui on LinkedIn View Nic on LinkedIn View Natalia on LinkedIn Related: Listen to: Afternoon Cyber Tea with Ann Johnson Listen to: Security Unlocked Security Unlocked is produced by Microsoft and distributed as part of The CyberWire Network.

    Making the Leap to the Cloud

    Aug 11, 2021 37:12


    8 trillion. It's kind of a big number, right? That's how many signals are collected, processed, and analyzed by Microsoft's security team every single day. Those signals are travelling from the cloud, coming through endpoints, coming through Bing, coming through Xbox. All of these signals are turned into intelligence, and if you're a cloud user, that intelligence is an asset to your security. By making the leap to the cloud, the power, size, and flexibility of Microsoft's threat intelligence becomes your resource.    In this episode of Security Unlocked, hosts Nic Fillingham and Natalia Godyla are re-joined by Microsoft's Chief Security Advisor, Sarah Armstrong-Smith, to dive deeper into the back half of her four-part series on Becoming Resilient. We explore different cloud models, the shared responsibility of your cloud service provider, and the growing risks of insider threats.   In This Episode You Will Learn:   Best practices on switching to the cloud and ensuring utmost security  Why you need to adapt to stay ahead of threats  How to build security cleanly into your foundation and keep it from being a messy afterthought  Some Questions We Ask:   What do new users gain by moving to the cloud?   What errors are organizations making when moving to the cloud?  How do we effectively communicate with our security team about business decisions?   Resources:  Becoming resilient by understanding cybersecurity risks: Part 1 Becoming resilient by understanding cybersecurity risks: Part 2 Becoming resilient by understanding cybersecurity risks: Part 3—a security pro's perspective Becoming resilient by understanding cybersecurity risks: Part 4—navigating current threats Cloud Adoption Framework  View Sarah Armstrong-Smith on LinkedIn View Natalia on LinkedIn  View Nic on LinkedIn

    Mary Had a Little Scam Report

    Aug 4, 2021 38:36


    How likely are you to fall for a scam? Survey Says… depends on your demographic. Scammers are evolving, from cold calls on the phone, to computer desktop pop-ups with nagging alarm sounds, to buying out search terms like “email support.” Tech support scams have become an ever-present threat in our online world with 3 out of 5 people globally experiencing them and 1 out of 6 people actually giving their money or personal information to the scammers. Even though there are some honorable people who do what they can to help prevent others from being scammed, the prevalence of these frauds shows they aren't going away anytime soon. On this episode of Security Unlocked, hosts Nic Fillingham and Natalia Godyla chat with Mary Jo Schrade, the Asia Regional Lead for Microsoft's Digital Crimes Unit, about the most recent Global Tech Support Scam Research. The survey covers over 16,000 people in 16 countries and reveals some insights that will leave some feeling hopeful, and some feeling... a little concerned. It's a relief to know that scam awareness is on the rise globally; however, the groups most susceptible to giving money to scammers may shock you.   In This Episode You Will Learn:   Which regions are being targeted most How to help those you think are susceptible How to recover your money after you've been scammed   Some Questions We Ask:   Who is falling for these scams? How has the public's awareness shifted over the past few years? Is it ok to pretend to fall for a scam in order to waste a scammer's time? Resources: Global Tech Support Scam Research Report a scam Mary Jo Schrade's LinkedIn Microsoft Security Blog Nic's LinkedIn Natalia's LinkedIn Related: Listen to: Afternoon Cyber Tea with Ann Johnson Listen to: Security Unlocked: CISO Series with Bret Arsenault  Security Unlocked is produced by Microsoft and distributed as part of The CyberWire Network. 

    Talking Security With Non-Security Professionals

    Jul 28, 2021 38:14


    Every occupation has its unique jargon that allows professionals to speak their own language and understand each other's shorthand.  Those of us in the world of cybersecurity are no exception as we frequently toss around acronyms and abbreviations, but how can we cybersecurity professionals communicate all of this crucial ingrained knowledge to people who haven't the faintest idea about technology, security, or what our conversational shorthand even means?   In this episode of Security Unlocked, hosts Nic Fillingham and Natalia Godyla speak with Microsoft's Chief Security Advisor, Sarah Armstrong-Smith, about the most effective ways to communicate high-level security topics with non-security professionals. In order to create a more secure world, it's paramount that the non-tech savvy are equally informed and protected, and Sarah has some excellent tips for achieving that goal.    In This Episode You Will Learn:  How important it is to define ‘risk'   Why it's a mistake to think of cyber protections as a necessary evil in a corporation The value of introducing topics by asking questions rather than lecturing    Some Questions We Ask:  Who should be driving security conversations in an organization?  How should we introduce cybersecurity concepts to non-cybersecurity professionals?  What are some tips for complex organizations introducing their teams to cybersecurity concepts?    Resources:  Sarah Armstrong-Smith's Blog post part 1 Sarah Armstrong-Smith's Blog post part 2 Sarah Armstrong-Smith's Blog post part 3 Sarah Armstrong-Smith's Blog post part 4 Sarah Armstrong-Smith's LinkedIn Microsoft Security Blog Nic's LinkedIn Natalia's LinkedIn

    Enterprise Dish: Your Annual Ransomware Tips

    Jul 27, 2021 23:03


    On this episode of the Enterprise Dish, we dive into the latest trends in ransomware and how you can better protect your environment. You can find Rick on Twitter and learn more about Veeam here.

    Discovering Router Vulnerabilities with Anomaly Detection

    Jul 21, 2021 32:59


    Ready for a riddle? What do 40 hypothetical high school students and our guest on this episode have in common? Why they can help you understand complex cyber-attack methodology, of course!  In this episode of Security Unlocked, hosts Nic Fillingham and Natalia Godyla are brought back to school by Principal Security Researcher, Jonathan Bar Or who discusses vulnerabilities in NETGEAR Firmware. During the conversation Jonathan walks through how his team recognized the vulnerabilities and worked with NETGEAR to secure the issue, and helps us understand exactly how the attack worked using an ingenious metaphor.     In This Episode You Will Learn:  How a side-channel attack works  Why attackers are moving away from operating systems and towards network equipment  Why routers are an easy access point for attacks  Some Questions We Ask:  How do you distinguish an anomaly from an attack?  What are the differences between a side-channel attack and an authentication bypass?  What can regular users do to protect themselves from similar attacks?    Resources:  Jonathan Bar Or's Blog Post Jonathan Bar Or's LinkedIn Microsoft Security Blog Nic's LinkedIn Natalia's LinkedIn   Related: Listen to: Afternoon Cyber Tea with Ann Johnson Listen to: Security Unlocked: CISO Series with Bret Arsenault  Security Unlocked is produced by Microsoft and distributed as part of The CyberWire Network. 

    Enterprise Dish: Digging Into Windows 11 and 365

    Jul 16, 2021 30:26


    On this episode of the Enterprise Dish, Windows 11 has positive changes for the IT Pro, Windows 365 introduces a new way to run Windows, and Aaron has a couple of thoughts on moving the desktop to the cloud. You can find Aaron on Twitter and learn more about SmartDeploy here. 

    Securing the Internet of Things

    Jul 14, 2021 37:02


    There used to be a time when our appliances didn't talk back to us, but it seems like nowadays everything in our home is getting smarter. Smart watches, smart appliances, smart lights - smart everything! This connectivity to the internet is what we call the Internet of Things (IoT). It's becoming increasingly common for our everyday items to be “smart,” and while that may provide a lot of benefits, like your fridge reminding you when you may need to get more milk, it also means that all of those devices become susceptible to cyber attacks. On this episode of Security Unlocked, hosts Nic Fillingham and Natalia Godyla talk to Arjmand Samuel about protecting IoT devices, especially with a zero trust approach. Listen in to learn not only about the importance of IoT security, but also what Microsoft is doing to protect against such attacks and how you can better secure these devices.     In This Episode You Will Learn:   What the techniques are to verify explicitly on IoT devices  How to apply the zero trust model in IoT  What Microsoft is doing to protect against attacks on IoT  Some Questions We Ask:  What is the difference between IoT and IT?  Why is IoT security so important?  What are the best practices for protecting IoT?    Resources:  Arjmand Samuel's LinkedIn Microsoft Security Blog Nic's LinkedIn Natalia's LinkedIn Related: Listen to: Afternoon Cyber Tea with Ann Johnson Listen to: Security Unlocked: CISO Series with Bret Arsenault  Security Unlocked is produced by Microsoft and distributed as part of The CyberWire Network. 

    Looking a Gift Card Horse in the Mouth

    Jul 7, 2021 31:36


    Is it just me, or do you also miss the good ole days of fraudulent activity? You remember the kind I'm talking about, the emails from princes around the world asking for just a couple hundred dollars to help them unfreeze or retrieve their massive fortune which they would share with you. Attacks have grown more nuanced, complex, and invasive since then, but because of the unbelievable talent at Microsoft, we're constantly getting better at defending against them.   On this episode of Security Unlocked, hosts Nic Fillingham and Natalia Godyla sit down with returning champion, Emily Hacker, to discuss Business Email Compromise (BEC), an attack in which perpetrators pretend to be someone from the victim's place of work and instruct them to purchase gift cards and send them to the scammer. Maybe it's good to look a gift card horse in the mouth?     In This Episode You Will Learn:   Why BEC is such an effective and pervasive attack  What are the key things to look out for to protect yourself against one  Why BEC emails are difficult to track    Some Questions We Ask:   How do the attackers mimic a true-to-form email from a colleague?  Why do we classify this type of email attack separately from others?  Why are they asking for gift cards rather than cash?    Resources:   Emily Hacker's LinkedIn FBI's 2020 Internet Crime Report Microsoft Security Blog Nic's LinkedIn Natalia's LinkedIn

    Enterprise Dish: An Office UI Refresh and an IPO

    Jul 2, 2021 13:08


    On this episode of Enterprise Dish, Office is getting a UI refresh, Visio joins the parade, and AvePoint has gone public.

    Enterprise Dish: Should You Upgrade to Windows Server 2016, 2019 or 2022?

    Jun 30, 2021 24:40


    On this edition of the Enterprise Dish, we dive into the big question on many IT Pros' agendas - should you upgrade your Windows Server 2012 R2 boxes to Server 2019, or 2022?

    Simulating the Enemy

    Jun 30, 2021 35:33


    How does that old saying go? Keep your friends close and keep your understanding of a threat actor's underlying behavior and functionality of tradecraft closer? As new tools are developed and implemented for individuals and businesses to protect themselves, wouldn't it be great to see how they hold up against different attacks without actually having to wait for an attack to happen? Microsoft's new open-source tool, Simuland, allows users to simulate attacks on their own infrastructure to see where their own weaknesses lie.   In this episode of Security Unlocked, hosts Natalia Godyla and Nic Fillingham sit down with Roberto Rodriguez, Principal Threat Researcher for the Microsoft Threat Intelligence Center (MSTIC) and Simuland's developer, to understand how the project came to life, and what users can expect as they use it.   In This Episode You Will Learn:   How community involvement will help Simuland grow  How individuals can use Simuland to see examples of actions threat actors can take against their infrastructure  What other projects and libraries went into Simuland's development  Some Questions We Ask:   What exactly is being simulated in Simuland?  What does Roberto hope for users to take away from Simuland?  What is next for the Simuland project?    Resources:   Roberto Rodriguez's LinkedIn Roberto's blog post, SimuLand: Understand adversary tradecraft and improve detection strategies Roberto's Twitter: Cyb3rWard0g Microsoft Security Blog Nic's LinkedIn Natalia's LinkedIn

    Dial 'T' for Tech Support Fraud

    Jun 23, 2021 37:57


    We've all had a family dinner, Netflix binge, or otherwise relaxing moment ruined by a telemarketer trying to sell you something you didn't need – a magazine subscription, insurance, you name it! But recently, people have been getting calls that are much more sinister in nature; people claiming to be employees of Microsoft, or Apple, or Amazon, have been calling unsuspecting victims and urging them to pay the caller in exchange for cleaning their computer of viruses. Viruses that don't exist. None of these people work for the companies they claim to, but rather are a small cog in a larger machine working to defraud the public.  On this episode of Security Unlocked, hosts Natalia Godyla and Nic Fillingham kick off a three-episode arc discussing tech support scams. To get started, they speak with Anup B Kumar, Microsoft's Digital Crime Unit's Asia lead of investigation and analytics, to get a better sense of who is behind these scams, what their motivations are, and some ideas on how to stop them.     In This Episode You Will Learn:   Who these scammers target and why  How the scammers trick victims into trusting them.   Why working with law enforcement is crucial to stopping the problem  Some Questions We Ask:   Do the scammers know that they are scamming?   How pervasive is this scam?  Can we stop the scam by helping to facilitate legitimate employment?    Resources:   Anup Kumar's LinkedIn Microsoft Report a Scam Microsoft Security Services Microsoft Security Blog Nic's LinkedIn Natalia's LinkedIn    Related: Listen to: Afternoon Cyber Tea with Ann Johnson Listen to: Security Unlocked: CISO Series with Bret Arsenault  Security Unlocked is produced by Microsoft and distributed as part of The CyberWire Network.  

    Enterprise Dish: A First Look at the Future of Windows

    Jun 16, 2021 22:43


    On this episode of the Enterprise Dish, we get our first look at the next generation of Windows, Windows 11.

    A Day in the Life of a Microsoft Principal Architect

    Jun 16, 2021 34:52


    We're formally sending out a petition to change the phrase “Jack of all trades” to “Hyrum of all trades” in honor of this episode's guest, Hyrum Anderson. In this episode, hosts Natalia Godyla and Nic Fillingham sit down with Hyrum Anderson who, when he's not fulfilling his duties as the Principal Architect of the Azure Trustworthy ML group, spends his time playing accordions, making cheese, and founding impressive technology conferences. He does it all!   Rather than chatting with Hyrum about a specific capability that he's helped to develop, or a blog post that he co-authored – because, believe us, the episode would last for hours – we decided to have a chat with him about his life, how he first got into the world of technology, and his thoughts on the current state of cyber security.   In This Episode You Will Learn:   The differences between a risk and a threat  Why it's easier to attack than defend  What a Principal Architect of the Azure Trustworthy ML group does in his spare time  Some Questions We Ask:   How does Hyrum think about adversarial machine learning and protecting A.I. systems?  What is it like for Hyrum to oversee both the red teaming and defensive side of operations?  Why are we better at finding holes in security than we are at making sure they don't exist in the first place?     Resources:   Hyrum Anderson's LinkedIn Hyrum Anderson's Twitter Conference on Applied Machine Learning in Information Security (CAMLIS) Machine Learning Security Evasion Competition Microsoft Security Blog Nic's LinkedIn Natalia's LinkedIn    Related: Listen to: Afternoon Cyber Tea with Ann Johnson Listen to: Security Unlocked: CISO Series with Bret Arsenault  Security Unlocked is produced by Microsoft and distributed as part of The CyberWire Network. 

    Red-teaming AI with CounterFit

    Jun 9, 2021 32:40


    It's an all-out offensive on today's episode while we talk about how the best defense is a good offense. But before we plan our attack, we need to know our vulnerabilities, and that's where our guest comes in.   On this episode, hosts Nic Fillingham and Natalia Godyla are joined by Will Pearce, who discusses his role as AI Red Team Lead from the Azure Trustworthy ML Group and how he works to find weaknesses in security infrastructure to better develop ways to defend against attacks.   In This Episode You Will Learn:   The three main functions of Counterfit   Why the best defense is a good offense  Why Will and his team aren't worried about showing their hand by releasing this software as open source   Some Questions We Ask:   What previously developed infrastructure was the Counterfit tool built upon?  How AI red teaming differs from traditional specops red teaming  How did the Counterfit project evolve from conception to release?  Resources:   Will Pearce's LinkedIn AI security risk assessment using Counterfit  Microsoft Security Blog Nic's LinkedIn Natalia's LinkedIn

    Pearls of Wisdom in the Security Signals Report

    Jun 2, 2021 30:57


    It's our 30th episode! And in keeping with the traditional anniversary gift guide, the 30th anniversary means a gift of pearls. So from us to you, dear listener, we've got an episode with some pearls of wisdom!   On today's episode, hosts Nic Fillingham and Natalia Godyla bring back returning champion, Nazmus Sakib, to take us through the new Security Signals Report. Sakib walks us through why the report was done and then helps us understand the findings and what they mean for security.   In This Episode You Will Learn:  How pervasive firmware is in our everyday lives  Why many people were vulnerable to firmware attacks  How companies are spending the money they allocate towards digital protection  Some Questions We Ask:  What was the hypothesis going into the Security Signals Report?  How do we protect ourselves from vulnerabilities that don't exist yet?  Were any of the findings from the report unexpected?  Resources  Nazmus Sakib's LinkedIn Security Signals Report Microsoft Security Blog Nic's LinkedIn Natalia's LinkedIn Related: Listen to: Afternoon Cyber Tea with Ann Johnson Listen to: Security Unlocked: CISO Series with Bret Arsenault  Security Unlocked is produced by Microsoft and distributed as part of The CyberWire Network. 

    Securing Hybrid Work: Venki Krishnababu, lululemon

    May 26, 2021 32:46


    On this week's Security Unlocked we're featuring, for the second and final time, a special crossover episode of our sister-podcast, Security Unlocked: CISO Series with Bret Arsenault.   Lululemon has been at the forefront of athleisure wear since its founding in 1998, but while many of its customers look at it exclusively as a fashion brand, at a deeper level this fashion empire is bolstered by a well thought out and maintained digital infrastructure that relies on a hard working team to run it.   On today's episode, Microsoft CISO Bret Arsenault sits down with Venki Krishnababu, SVP of Global Technology Services at Lululemon. They discuss the ways in which technology plays into the brand, how Venki led a seamless transition into the remote work caused by the pandemic, and how he's using the experiences of the past year to influence future growth in the company.  In This Episode You Will Learn:  Why Venki feels so passionately about leading with empathy  Why Venki saw moving to remote work as only the tip of the iceberg; and how he handled what lay below.  Specific tools and practices that have led to Venki's success  Some Questions We Ask:  What is the biggest lesson learned during the pandemic?  How does one facilitate effective management during this time?  How does Lululemon view the future of in-person versus remote work?  Resources:  Venki Krishnababu's LinkedIn Bret Arsenault's LinkedIn Microsoft Security Blog Nic's LinkedIn Natalia's LinkedIn

    Enterprise Dish: Diving into CDNs and the Conferences Coming Up

    May 24, 2021 20:39


    On this edition of the Enterprise Dish, we talk about Petri site hosting, CDNs, and content cycles. Make sure to check out VeeamOn and Build this week.  

    Enterprise Dish: The Reasons to Backup Office 365 Data

    May 21, 2021 16:12


    On this edition of the Enterprise Dish, we dive into the controversial topic of backing up Office 365 data, taking a look at the Surface Headphones 2+, and using Teams for your personal life.

    Contact Us; Phish You!

    May 19, 2021 30:58


    Threat actors are pesky and, once again, they're up to no good. A new methodology has schemers compromising online forms where users submit their information like their names, email addresses, and, depending on the type of site, some queries relating to their life. This new method indicates that the attackers have figured out a way around the CAPTCHAs that have been making us all prove we're not robots by identifying fire hydrants since 1997. And what's more, we're not quite sure how they've done it.   In this episode, hosts Natalia Godyla and Nic Fillingham sit down with Microsoft threat analyst, Emily Hacker, to discuss what's going on behind the scenes as Microsoft begins to dig into this new threat and sort through how best to stop it.     In This Episode You Will Learn:  Why this attack seems to be more effective against specific professionals.  Why this new method of attack has a high rate of success.  How to better prepare yourself for this method of attack  Some Questions We Ask:  What is the endgame for these attacks?   What are we doing to protect against IcedID in these attacks?  Are we in need of a more advanced replacement for CAPTCHA?  Resources:  Emily Hacker Investigating a Unique ‘Form' of Email Delivery for IcedID Malware Microsoft Security Blog Nic's LinkedIn Natalia's LinkedIn

    Enterprise Dish: Preparing for Windows Today and Windows Tomorrow

    May 17, 2021 27:54


    On this episode of the Enterprise Dish, we dive into the transformations that are happening with Windows today, looking at the positioning of Windows for tomorrow, and how digital transformation starts with the bedrock of Windows.

    Securing the Cloud with Mark Russinovich

    May 12, 2021 30:08


    On this week's Security Unlocked, we're pulling a bait and switch! Instead of our regularly scheduled programming, we're going to be featuring the first episode of our new podcast, Security Unlocked: CISO Series with Bret Arsenault. Each episode is going to feature Microsoft's CISO Bret Arsenault sitting down with other top techies in Microsoft and other companies in the industry.   In its inaugural episode – which we're featuring on this episode – Bret sits down with Mark Russinovich, Chief Technology Officer of Microsoft's Azure. Mark has a unique perspective on cloud technologies and offers insight into the changes that have occurred over the past few years due to advancing technology and the unique challenges brought about during the coronavirus pandemic. Enjoy this first episode of the new series and remember to subscribe so you catch all the rest that are yet to come.   In This Episode You Will Learn:  The initialism FFUUEE and why it's important in understanding people's resistance to adopting newer security capabilities  Mark Russinovich's three points of advice for those looking to become more secure  Theories on improving MFA adoption across the board  Some Questions We Ask:  How do we think of cloud security now versus ten years ago?  What does a leading engineer think of moving toward a hybrid workforce?  How do you find and screen potential new team members in a remote world?  Resources  CISO Series with Bret Arsenault Bret Arsenault's LinkedIn Mark Russinovich's LinkedIn Microsoft Security Blog Nic's LinkedIn Natalia's LinkedIn

    Ready or Not, Here A.I. Come!

    May 5, 2021 35:57


    Remember the good ole days when we spent youthful hours playing hide and seek with our friends in the park? Well it turns out that game of hide and seek isn't just for humans anymore. Researchers have begun putting A.I. to the test by having it play this favorite childhood game over and over and having the software optimize its strategies through automated reinforcement training.   In today's episode, hosts Nic Fillingham and Natalia Godyla speak with Christian Seifert and Joshua Neil about their blog post Gamifying machine learning for stronger security and AI models, and how Microsoft is releasing this new open-sourced code to help it learn and grow.   In This Episode, You Will Learn: What is Microsoft's CyberBattleSim?  What reinforcement learning is and how it is used in training A.I.  How the OpenAI Gym allowed for AI to be trained and rewarded for learning   Some Questions We Ask: Is an A.I. threat actor science fiction or an incoming reality?  What are the next steps in training the A.I.?  Who was the CyberBattleSim created for?  Resources: OpenAI Plays Hide and Seek…and Breaks The Game!

    Enterprise Dish: Choosing Containers and Upgrading 2012 R2

    Apr 29, 2021 17:45


    On this edition of the Enterprise Dish, we dive into containers news and knowledge, take a look at Build and VeeamOn, and help you get started with your 2012 R2 upgrade. The post Enterprise Dish: Choosing Containers and Upgrading 2012 R2 appeared first on Petri.

    Knowing Your Enemy: Anticipating Attackers' Next Moves

    Apr 28, 2021 40:30


    Anyone who's ever watched boxing knows that great reflexes can be the difference between a championship belt and a black eye. The flexing of an opponent's shoulder, the pivot of their hip - a good boxer will know enough not only to predict and avoid the incoming uppercut, but will know how to turn the attack back on their opponent.  Microsoft's newest capabilities in Defender put cyber attackers in the ring and predict their next attacks as the fight is happening. On today's episode, hosts Nic Fillingham and Natalia Godyla speak with Cole Sodja, Melissa Turcotte, and Justin Carroll (and maybe even a secret, fourth guest!) about their post on the Microsoft Security blog covering the new capabilities that use A.I. to see the attacker's next move.  In This Episode, You Will Learn:  What kind of data is needed for this level of threat detection and prevention?  The crucial nature of probabilistic graphical modeling in this process  The synergistic relationship between the automated capabilities and the human analyst    Some Questions We Ask:  What kind of modeling is used and why?  What does the feedback loop between program and analyst look like?  What are the steps taken to identify these attacks?     Resources:  Justin's, Melissa's, and Cole's blog post  Justin Carroll's LinkedIn  Melissa Turcotte's LinkedIn  Cole Sodja's LinkedIn  Joshua Neil's LinkedIn  Microsoft Security Blog  Nic's LinkedIn  Natalia's LinkedIn

    Enterprise Dish: Serendipitous Collisions

    Apr 27, 2021 15:00


    On this edition of the Enterprise Dish, we talk about Microsoft changelogs, ShiftHappens, new Teams hardware, and a lot more. The post Enterprise Dish: Serendipitous Collisions appeared first on Petri.

    Below the OS: UEFI Scanning in Defender

    Apr 21, 2021 34:35


    All of us have seen – or at least, are familiar with – the antics of Tom and Jerry or Road Runner and Wile E. Coyote. In each one, the coyote or the cat sets up elaborate plans to sabotage their foe, but time and time again, the nimble mouse and the speedy bird are able to outsmart their attackers. In our third episode discussing Ensuring Firmware Security, hosts Nic Fillingham and Natalia Godyla speak with Shweta Jha and Gowtham Reddy about developing the tools that allow them to stay one step ahead of cybercriminals in the cat & mouse game that is cyber security.      In this Episode You Will Learn:  The new capabilities within Microsoft Defender to scan the Unified Extensible Firmware Interface (UEFI)  How the LoJax attack compromised UEFI firmware  How UEFI scanning emerged as a capability   Some Questions that We Ask:  Has UEFI scanning always been possible?  What types of signals is UEFI scanning searching for?  What are the ways bad actors may adjust to avoid UEFI scanning?  Resources:   Shweta Jha's LinkedIn  Gowtham Reddy's LinkedIn  Defender Blog Post  Microsoft Security Blog  Nic's LinkedIn  Natalia's LinkedIn

    The Rising Tides of Security Awareness

    Apr 15, 2021 35:13


    On this episode of the Enterprise Dish, Microsoft is about to spend big on Nuance, security training cannot be overlooked, and a Surface Laptop 4 has arrived. The post The Rising Tides of Security Awareness appeared first on Petri.

    Inside Insider Risk

    Apr 14, 2021 39:21


    Throughout the course of this podcast series, we've had an abundance of great conversations with our colleagues at Microsoft about how they're working to better protect companies and individuals from cyber-attacks, but today we take a look at a different source of malfeasance: the insider threat. Now that most people are working remotely and have access to their company's data in the privacy of their own home, it's easier than ever to access, download, and share private information. On today's episode, hosts Nic Fillingham and Natalia Godyla sit down with Microsoft Applied Researcher Rob McCann to talk about his work in identifying potential insider risk factors and the tools that Microsoft's Internal Security Team is developing to stop them at the source.  In This Episode, You Will Learn:  The differences between internal and external threats in cybersecurity  Ways that A.I. can factor into anomaly detection in insider risk management  Why the rise in insider attacks is helping make it easier to address the issue  Some Questions We Ask:  How do you identify insider risk?  How do you create a tool for customers that requires an extreme amount of case-by-case customization?  How are other organizations prioritizing internal versus external risks?  Resources:  Rob McCann's LinkedIn  Rob McCann on Uncovering Hidden Risk  Insider Risk Blog Post  Microsoft Security Blog  Nic's LinkedIn  Natalia's LinkedIn

    The Language of Cybercrime

    Apr 7, 2021 39:43


    How many languages do you speak? The average person only speaks one or two languages, and for most people that's plenty because even as communities are becoming more global, languages are still very much tied to geographic boundaries. But what happens when you go on the internet where those regions don't exist the same way they do in real life? Because the internet connects people from every corner of the world, cybercriminals can perpetrate scams in countries thousands of miles away. So how do organizations like Microsoft's Digital Crimes Unit combat cybercrime when they don't even speak the language of the perpetrators?   On today's episode of Security Unlocked, hosts Nic Fillingham and Natalia Godyla sit down with Peter Anaman, Principal Investigator on the Digital Crimes Unit, to discuss how Peter looks at digital crimes in a very interconnected world and how language and culture play into the crimes being committed, who's behind them, and how to stop them.   In This Episode, You Will Learn:  Some of the tools the Digital Crimes Unit at Microsoft uses to catch criminals  How language and culture factor into cyber crime  Why cyber crime has been on the rise since Covid began  Some Questions We Ask:  How has understanding a specific culture helped crack a case?  How does a lawyer who served as an officer in the French Army wind up working at Microsoft?  Are there best practices for content creators to stay safe from cyber crime?  Resources:  Peter Anaman's LinkedIn  Microsoft Security Blog  Nic's LinkedIn  Natalia's LinkedIn

    Taking a Look at Windows Server 2022

    Apr 1, 2021 21:47


    On this episode of Enterprise Dish, we take a look at Windows Server 2022, searching across Azure regions, and the latest with Veeam V11. The post Taking a Look at Windows Server 2022 appeared first on Petri.

    The Human Element with Valecia Maclin

    Mar 31, 2021 36:31


    For Women's History Month, we wanted to share the stories of just a few of the amazing women who make Microsoft the powerhouse that it is. To wrap up the month, we speak with Valecia Maclin, brilliant General Engineering Manager of Customer Security & Trust, about the human element of cybersecurity.  In discussion with hosts Nic Fillingham and Natalia Godyla, Valecia speaks to how she transitioned into cybersecurity after originally planning on becoming a mechanical engineer, and how she oversees her teams with a sense of humanity. From understanding that working from home brings unique challenges, to going the extra mile to ensure that no member of the team feels like an insignificant cog in a big machine, Valecia is a shining example of what leadership should look like, and maybe humanity too.    In this Episode You Will Learn:  The importance of who is behind cybersecurity protocols  How Microsoft's Engineering, Customer Security & Trust team successfully transitioned to remote work under Valecia's leadership  Tips on being a more inclusive leader in the security space    Some Questions that We Ask:  What excites Valecia Maclin about the future of Cybersecurity?  How does a mechanical engineering background affect a GM's role in Infosec?  How did Valecia Maclin, General Manager of Engineering, Customer Security & Trust, get to where she is today?    Resources:   Valecia's LinkedIn  Advancing Minorities' Interest in Engineering  SAFECode  Microsoft's TEALS  Microsoft's DigiGirlz  Microsoft Security Blog  Nic's LinkedIn  Natalia's LinkedIn
