Hot sauce and hot takes: An Only Malware in the Building special. [OMITB]
Welcome in! You’ve entered, Only Malware in the Building — but this time, it’s not just another episode. This is a special edition you won’t want to miss.
For the first time, our hosts are together in-studio — and they’re turning up the heat. Literally. Join Selena Larson, Proofpoint intelligence analyst and host of their podcast DISCARDED, along with N2K Networks Dave Bittner and Keith Mularski, former FBI cybercrime investigator and now Chief Global Ambassador at Qintel, as they take on a fiery hot wings challenge while answering personal questions about themselves, their careers, and the stories that shaped them. Think you’ve seen them tackle malware mysteries before? Wait until you see them sweat.
This one’s too good for audio alone — you’ll want to watch the full video edition to catch every spicy reaction, every laugh, and maybe even a few tears.
So grab your milk, get ready to feel the burn, and come join us for this special hot take on Only Malware in the Building.
Learn more about your ad choices. Visit megaphone.fm/adchoices
--------
36:37
--------
36:37
Live from Black Hat: Ransomware, Responsible Disclosure, and the Rise of AI [Microsoft Threat Intelligence Podcast]
While our team is observing the Labor Day holiday in the US, we hope you will enjoy this episode of The Microsoft Threat Intelligence Podcast . New episodes airs on the N2K CyberWIre network every other Wednesday.
In this episode of the Microsoft Threat Intelligence Podcast, host Sherrod DeGrippo is live from Black Hat 2025 with a special lineup of Microsoft security leaders and researchers.
First, Sherrod sits down with Tom Gallagher, VP of Engineering and head of the Microsoft Security Response Center (MSRC). Tom shares how his team works with researchers worldwide, why responsible disclosure matters, and how programs like Zero Day Quest (ZDQ) are shaping the future of vulnerability research in cloud and AI security. He also announced the next iteration of ZTQ with $5 million up for grabs.
Next, Sherrod is joined by Eric Baller (Senior Security Researcher) and Eric Olson (Principal Security Researcher) to unpack the fast-changing ransomware landscape. From dwell time collapsing from weeks to minutes, to the growing role of access brokers, they explore how attackers operate as organized ecosystems and how defenders can respond.
Finally, Sherrod welcomes Travis Schack (Principal Security Researcher) alongside Eric Olson to examine the mechanics of social engineering. They discuss how attackers exploit urgency, trust, and human curiosity, why AI is supercharging phishing campaigns, and how defenders can fight back with both training and technology.
In this episode you’ll learn:
How MSRC partners with researchers across 59 countries to protect customers
Why Zero Day Quest is accelerating vulnerability discovery in cloud and AI
How ransomware dwell times have shrunk from days to under an hour
Resources:
View Sherrod DeGrippo on LinkedIn
Zero Day Quest — Microsoft
Microsoft Security Response Center Blog
Related Microsoft Podcasts:
Afternoon Cyber Tea with Ann Johnson
The BlueHat Podcast
Uncovering Hidden Risks
Discover and follow other Microsoft podcasts at microsoft.com/podcasts
Get the latest threat intelligence insights and guidance at Microsoft Security Insider
The Microsoft Threat Intelligence Podcast is produced by Microsoft and distributed as part of N2K media network.
Learn more about your ad choices. Visit megaphone.fm/adchoices
--------
43:56
--------
43:56
The labor behind the labor. [Special Edition]
This Labor Day, we’re celebrating more than just a holiday. Join us in celebrating not just the work, but the people who make it possible — the labor behind the labor.We’re honoring the people who bring their creativity, dedication, and passion to every corner of N2K. The work you hear, read, and see from us doesn’t happen by accident. It’s the result of talented colleagues who pour themselves into their craft, often in ways that don’t always get the spotlight. From shaping sound and refining scripts to building certification content and producing video, their labor is the heartbeat of what we do.In this special edition, host Ma’ayan Plaut introduces you to some of the voices behind the scenes: Elliott, whose audio artistry makes every show sing; Ethan, whose sharp analysis bridges policy and practice; Alice, whose storytelling brings energy and curiosity to the space industry; George and Ann, who create and refine the certification content that keeps us at the forefront of technology; and Sarelle, whose video production brings our stories to life. Together, they embody the care and creativity that define N2K.And if you’d like to see the labor behind the labor, we’ve also put together a video companion to this project — giving you another way to meet the team and experience their work in action. Be sure to check it out!
Learn more about your ad choices. Visit megaphone.fm/adchoices
--------
35:26
--------
35:26
Marina Ciavatta: Going after the human error. [Social engineer] [Career Notes]
Please enjoy this encore of Career Notes.
Social engineer and CEO of Hekate, Marina Ciavatta, shares her story of how people think her job is a la Mission Impossible coming from the ceiling with a rope and stealing stuff in the dead of the night. Marina does physical pentesting. Starting with an unused degree in journalism, Marina turned her talent for writing into a job as a content producer for a technology company and this appealed to her self-proclaimed nerdism. She fell in love with hacking and got into pentesting thanks to a friend. Marina recommends those interested in physical pentesting "try to find other social engineers to mingle. It's in the name. We are social creatures." We thank Marina for sharing her story with us.
Learn more about your ad choices. Visit megaphone.fm/adchoices
--------
11:06
--------
11:06
Cracks in the wall. [Research Saturday]
This week, we are joined by Jamie Levy, Director of Adversary Tactics at Huntress, who is discussing their work on "Active Exploitation of SonicWall VPNs." Huntress has released an urgent threat advisory on active exploitation of SonicWall VPNs, with attackers bypassing MFA, pivoting to domain controllers, and ultimately deploying Akira ransomware. The campaigns involve techniques such as disabling defenses, clearing logs, credential theft, and Bring Your Own Vulnerable Driver (BYOVD) attacks with legitimate Windows drivers.
Organizations using SonicWall devices are strongly advised to disable SSL VPN access or restrict it via IP allow-listing, rotate credentials, and hunt for indicators of compromise as this remains an ongoing and evolving threat.
Complete our annual audience survey before August 31.
The research can be found here:
Huntress Threat Advisory: Active Exploitation of SonicWall VPNs
Learn more about your ad choices. Visit megaphone.fm/adchoices
The daily cybersecurity news and analysis industry leaders depend on. Published each weekday, the program also includes interviews with a wide spectrum of experts from industry, academia, and research organizations all over the world.
USA