Redefining AI is the 2024 New York Digital Award winning tech podcast! Discover a whole new take on Artificial Intelligence in joining host Lauren Hawker Zafer, a top voice in Artificial Intelligence on LinkedIn, for insightful chats that unravel the fascinating world of tech innovation, use case exploration and AI knowledge. Dive into candid discussions with accomplished industry experts and established academics. With each episode, you'll expand your grasp of cutting-edge technologies and ...
…
continue reading
Player FM - Internet Radio Done Right
12 subscribers
Checked 1d ago
Added two years ago
Content provided by Bruce Bracken. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Bruce Bracken or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://ppacc.player.fm/legal.
Similar to The BlueHat Podcast
Welcome to the Security Weekly Podcast Network, your all-in-one source for the latest in cybersecurity! This feed features a diverse lineup of shows, including Application Security Weekly, Business Security Weekly, Paul's Security Weekly, Enterprise Security Weekly, and Security Weekly News. Whether you're a cybersecurity professional, business leader, or tech enthusiast, we cover all angles of the cybersecurity landscape. Tune in for in-depth panel discussions, expert guest interviews, and ...
…
continue reading
Africa-focused technology, digital and innovation ecosystem insight and commentary.
…
continue reading
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
Embedded is the show for people who love gadgets. Making them, breaking them, and everything in between. Weekly interviews with engineers, educators, and enthusiasts. Find the show, blog, and more at embedded.fm.
…
continue reading
The director’s commentary track for Daring Fireball. Long digressions on Apple, technology, design, movies, and more.
…
continue reading
How does artificial intelligence change when people — not profit — truly come first? Join IRL’s host Bridget Todd, as she meets people around the world building responsible alternatives to the tech that’s changing how we work, communicate, and even listen to music.
…
continue reading
Android Backstage, a podcast by and for Android developers. Hosted by developers from the Android engineering team, this show covers topics of interest to Android programmers, with in-depth discussions and interviews with engineers on the Android team at Google. Subscribe to Android Developers YouTube → https://goo.gle/AndroidDevs
…
continue reading
Download This Show is your weekly guide to the world of media, culture, and technology. From social media to gadgets, streaming services to privacy issues. Each week Rae Johnston and guests take a fun, deep dive into how technology is reshaping our lives.
…
continue reading
The power of Data is undeniable. And unharnessed - it’s nothing but chaos. Making data your ally. Using it to lead with confidence and clarity. Host Jess Carter is solving problems in real-time to reveal what’s possible. Helping communities and people thrive. This is Data Driven Leadership, a show brought to you by Resultant.
…
continue reading
Player FM - Podcast App
Go offline with the Player FM app!
Go offline with the Player FM app!
))
Podcasts Worth a Listen
SPONSORED
W
Worth Knowing with Bonnie Habyan
1 #11: From OJ Simpson Case to Best Selling Author - Marcia Clark Shares Latest Real Crime Book Release and How Resilience Is Key to Success and Reinvention 34:35
34:35 
Play Later 
Play Later 
Lists 
Like 
Liked34:35
Play Later
Play Later
Lists
Like
LikedMarcia Clark, best known as the lead prosecutor in the O.J. Simpson trial, has become a trailblazer for women in law and beyond. Her journey from courtroom to bestselling author reflects her resilience and determination to redefine herself amidst intense public scrutiny. On this episode of Worth Knowing, Clark dives into her latest book, *Trial by Ambush*, which examines the 1953 Barbara Graham case—a story that highlights gender bias, media sensationalism, and the notion that all cases are subject to societal, cultural, and political winds. Clark shares how her experiences during the Simpson trial shaped her perspective on societal pressures and the role of women in high-stakes professions. Her reflections on how media, forensic science, and legal practices have evolved over decades offer valuable insights into the intersection of law and culture. This conversation is a compelling exploration of true crime, personal growth, and how Clark’s groundbreaking career continues to inspire a new generation of women to challenge norms and forge their own paths. Marcia Clark is a bestselling author and a criminal lawyer who began her career in law as a criminal defense attorney and went on to become a prosecutor in the L.A. District Attorney's Office in 1981. She spent ten years in the Special Trials Unit, where she handled a number of high-profile cases, including the prosecution of stalker/murderer Robert Bardo, whose conviction for the murder of actress Rebecca Schaeffer resulted in legislation that offered victims better protection from stalkers as well as increased punishment for the offenders. She was lead prosecutor for the O.J. Simpson murder trial. In May of 1997 her book on the Simpson case, "Without a Doubt," was published and reached #1 on the New York Times, Wall St. Journal, Washington Post, Los Angeles Times, and Publishers Weekly bestsellers lists. In February 2016, Clark re-released the book with a new foreword. Resources Sign up for the Worth Knowing LinkedIn Newsletter to stay up to date: https://www.linkedin.com/newsletters/worth-knowing-7236433935503618048/ Follow Bonnie on LinkedIn: https://www.linkedin.com/in/bonnie-habyan/ Go to the Worth Knowing website: https://www.worthknowing.show Check out The Agile Brand Guide website with articles, insights, and Martechipedia, the wiki for marketing technology: https://www.agilebrandguide.com The Agile Brand is produced by Missing Link—a Latina-owned strategy-driven, creatively fueled production co-op. From ideation to creation, they craft human connections through intelligent, engaging and informative content. https://www.missinglink.company…
Refactoring the Windows Kernel with Joe Bialek
Manage episode 462411506 series 3486243
Content provided by Bruce Bracken. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Bruce Bracken or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://ppacc.player.fm/legal.
In this episode of The BlueHat Podcast, hosts Nic Fillingham and Wendy Zenone are joined by BlueHat 2024 presenter Joe Bialek, a security engineer at Microsoft with over 13 years of experience. Joe shares his fascinating journey from intern to red team pioneer, recounting how he helped establish the Office 365 Red Team and pushed the boundaries of ethical hacking within Microsoft. He discusses his formative years building sneaky hacking tools, navigating the controversial beginnings of red teaming, and transitioning to the Windows Security Team to focus on low-level security and mitigations. Joe reflects on the challenges of internal hacking, the human reactions to being "hacked," and the value of strengthening defenses before external threats arise.
In This Episode You Will Learn:
- How Microsoft is developing tooling to identify and address bad programming patterns
- Why kernel-related discussions are primarily focused on Windows and driver developers
- The challenges developers face when reading and writing through pointers in C or C++
Some Questions We Ask:
- How does working with the Windows kernel impact system security and performance?
- What sets Windows kernel and driver development apart from other types of development?
- Why should internal teams test systems for vulnerabilities before external hackers?
Resources:
View Nic Fillingham on LinkedIn
BlueHat 2024 Session: Pointer Problems – Why We’re Refactoring the Windows Kernel
Related Microsoft Podcasts:
Discover and follow other Microsoft podcasts at microsoft.com/podcasts
The BlueHat Podcast is produced by Microsoft and distributed as part of N2K media network.
56 episodes
ShareManage episode 462411506 series 3486243
Content provided by Bruce Bracken. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Bruce Bracken or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://ppacc.player.fm/legal.
In this episode of The BlueHat Podcast, hosts Nic Fillingham and Wendy Zenone are joined by BlueHat 2024 presenter Joe Bialek, a security engineer at Microsoft with over 13 years of experience. Joe shares his fascinating journey from intern to red team pioneer, recounting how he helped establish the Office 365 Red Team and pushed the boundaries of ethical hacking within Microsoft. He discusses his formative years building sneaky hacking tools, navigating the controversial beginnings of red teaming, and transitioning to the Windows Security Team to focus on low-level security and mitigations. Joe reflects on the challenges of internal hacking, the human reactions to being "hacked," and the value of strengthening defenses before external threats arise.
In This Episode You Will Learn:
- How Microsoft is developing tooling to identify and address bad programming patterns
- Why kernel-related discussions are primarily focused on Windows and driver developers
- The challenges developers face when reading and writing through pointers in C or C++
Some Questions We Ask:
- How does working with the Windows kernel impact system security and performance?
- What sets Windows kernel and driver development apart from other types of development?
- Why should internal teams test systems for vulnerabilities before external hackers?
Resources:
View Nic Fillingham on LinkedIn
BlueHat 2024 Session: Pointer Problems – Why We’re Refactoring the Windows Kernel
Related Microsoft Podcasts:
Discover and follow other Microsoft podcasts at microsoft.com/podcasts
The BlueHat Podcast is produced by Microsoft and distributed as part of N2K media network.
56 episodes
All episodes
×
T
The BlueHat Podcast
1 Protecting AI at the Edge with David Weston 39:15
39:15 Play Later Play Later Lists Like Liked39:15
Play Later Play Later Lists Like LikedIn this episode of The BlueHat Podcast, host Nic Fillingham and Wendy Zenone share David Weston’s keynote from BlueHat India 2025. David explores the growing role of on-device AI in Windows, the security risks it introduces, and how Microsoft is rethinking architecture to defend against new threats like model tampering, data exfiltration, and AI-powered malware. He also shares insights on innovations like Windows Recall, biometric protection, and the future of secure, agentic operating systems. In This Episode You Will Learn: How AI integration in Windows (like Windows Recall and MS Paint) is evolving Emerging threats from protocols like MCP and CUAs What a “confused deputy” attack is, and how Microsoft is protecting users Some Questions We Ask: What are the biggest security threats in on-device AI—data, model, or runtime? Can AI be used to accelerate post-compromise attacks? What will it take to bring Azure-level confidential computing to the consumer device? Resources: View David Weston on LinkedIn View Wendy Zenone on LinkedIn View Nic Fillingham on LinkedIn Related Microsoft Podcasts: Microsoft Threat Intelligence Podcast Afternoon Cyber Tea with Ann Johnson Uncovering Hidden Risks Discover and follow other Microsoft podcasts at microsoft.com/podcasts The BlueHat Podcast is produced by Microsoft and distributed as part of N2K media network.…
T
The BlueHat Podcast
In this episode of The BlueHat Podcast, host Nic Fillingham and Wendy Zenone are joined by Felix Boulet fresh off his participation in Zero Day Quest. Felix talks about his unique journey from industrial maintenance to becoming a full-time vulnerability researcher, and how that background fuels his passion for hacking and bug bounty work. He explains his method for finding bugs in Microsoft products—particularly in identity systems—and why identity is such a valuable target for attackers. Felix also shares highlights from the Zero Day Quest event, where he focused on building connections, learning from Microsoft engineers, and experiencing the collaborative side of the security community. In This Episode You Will Learn: Why identity-based bugs are especially valuable and dangerous in the security world When breaking identity controls can be the key to pivoting through an entire system How SharePoint's concept of "virtual files" impacts vulnerability validation Some Questions We Ask: What was your first bug bounty experience? Can you explain what the flash challenges were and what your experience was like? Do you think sharing bug ideas could cost you a bounty? Resources: View Felix Boulet on LinkedIn View Wendy Zenone on LinkedIn View Nic Fillingham on LinkedIn Related Microsoft Podcasts: Microsoft Threat Intelligence Podcast Afternoon Cyber Tea with Ann Johnson Uncovering Hidden Risks Discover and follow other Microsoft podcasts at microsoft.com/podcasts The BlueHat Podcast is produced by Microsoft and distributed as part of N2K media network.…
T
The BlueHat Podcast
In this episode of The BlueHat Podcast, host Nic Fillingham and Wendy Zenone are joined by Marco Ivaldi , co-founder and technical director of HN Security, a boutique company specializing in offensive security services, shares his journey from hacking as a teenager in the '80s to becoming a key figure in the security research community. With nearly three decades of experience in cybersecurity, Marco digs into the ongoing challenges, particularly in Active Directory and password security, highlighting vulnerabilities that continue to pose significant risks today. He recounts his unexpected path into bug bounty hunting, including his involvement in Microsoft's Zero Day Quest and his passion for auditing real-time operating systems like Azure RTOS. In This Episode You Will Learn : How Marco taught himself BASIC and assembly through cassette tapes and trips to local libraries Why mentorship and positive leadership can catapult your cybersecurity career When measuring network response times can unintentionally leak valuable info Some Questions We Ask: Do you remember the first time you made code do something unexpected? What was your experience like in the Zero Day Quest building for those three days? How are you thinking of approaching fuzzing after Zero Day Quest? Resources: View Marco Ivaldi on LinkedIn View Wendy Zenone on LinkedIn View Nic Fillingham on LinkedIn HN SECURITY Learn More About Marco Related Microsoft Podcasts: Microsoft Threat Intelligence Podcast Afternoon Cyber Tea with Ann Johnson Uncovering Hidden Risks Discover and follow other Microsoft podcasts at microsoft.com/podcasts The BlueHat Podcast is produced by Microsoft and distributed as part of N2K media network.…
T
The BlueHat Podcast
1 From Facebook-phished to MVR Top 5 with Dhiral Patel 41:45
41:45 Play Later Play Later Lists Like Liked41:45
Play Later Play Later Lists Like LikedIn this episode of The BlueHat Podcast, host Nic Fillingham and Wendy Zenone are joined by Dhiral Patel , Senior Security Engineer at ZoomInfo and one of MSRC’s Most Valuable Researchers (MVR). Dhiral shares how a hacked Facebook account sparked his passion for ethical hacking. From web development to penetration testing, Dhiral has become a top bug hunter, landing multiple spots on the MSRC leaderboards. Dhiral reflects on his early MSRC submissions and lessons learned. He also discusses the importance of mastering web security basics, practicing on platforms like TryHackMe and Hack the Box, and staying connected with the bug bounty community. In This Episode You Will Learn : The importance of mastering web security basics before diving into bug bounty hunting Why hands-on platforms like TryHackMe and Hack the Box are perfect for beginners Dhiral’s journey from blogging to freelancing and security research Some Questions We Ask: How do you balance competition and collaboration in the bug bounty community? Can you explain what clickjacking is and if it still works today? Why did you start with Power BI, and how did it lead to your journey in security? Resources: View Dhiral Patel on LinkedIn View Wendy Zenone on LinkedIn View Nic Fillingham on LinkedIn Related Microsoft Podcasts: Microsoft Threat Intelligence Podcast Afternoon Cyber Tea with Ann Johnson Uncovering Hidden Risks Discover and follow other Microsoft podcasts at microsoft.com/podcasts The BlueHat Podcast is produced by Microsoft and distributed as part of N2K media network.…
T
The BlueHat Podcast
1 AI & the Hunt for Hidden Vulnerabilities with Tobias Diehl 35:25
35:25 Play Later Play Later Lists Like Liked35:25
Play Later Play Later Lists Like LikedIn this episode of The BlueHat Podcast, host Nic Fillingham and Wendy Zenone are joined by security researcher Tobias Diehl , a top contributor to the Microsoft Security Research Center (MSRC) leaderboards and a Most Valuable Researcher. Tobias shares his journey from IT support to uncovering vulnerabilities in Microsoft products. He discusses his participation in the upcoming Zero Day Quest hacking challenge and breaks down a recent discovery involving Power Automate, where he identified a security flaw that could be exploited via malicious URLs. Tobias explains how developers can mitigate such risks and the importance of strong proof-of-concept submissions in security research. In This Episode You Will Learn : Researching vulnerabilities in Power Automate, Power Automate Desktop, and Azure The importance of user prompts to prevent unintended application behavior Key vulnerabilities Tobias looks for when researching Microsoft products Some Questions We Ask: Have you submitted any AI-related findings to Microsoft or other bug bounty programs? How does the lack of visibility into AI models impact the research process? Has your approach to security research changed when working with AI versus traditional systems? Resources: View Tobias Diehl on LinkedIn View Wendy Zenone on LinkedIn View Nic Fillingham on LinkedIn Related Microsoft Podcasts: Microsoft Threat Intelligence Podcast Afternoon Cyber Tea with Ann Johnson Uncovering Hidden Risks Discover and follow other Microsoft podcasts at microsoft.com/podcasts The BlueHat Podcast is produced by Microsoft and distributed as part of N2K media network.…
T
The BlueHat Podcast
1 Bug Hunting from the Beach with Brad Schlintz 38:43
38:43 Play Later Play Later Lists Like Liked38:43
Play Later Play Later Lists Like LikedIn this episode of The BlueHat Podcast, host Nic Fillingham and Wendy Zenone are joined by Brad Schlintz , independent security researcher and bug bounty hunter. Brad shares how he transitioned from a decade-long career as a software engineer to hacking Microsoft products while traveling the world with his wife. He recounts his early days tinkering with RuneScape bots, his experience working in SharePoint and Azure at Microsoft, and the moment he first encountered a real-world cybersecurity incident. He also discusses his journey into ethical hacking and his qualification for the upcoming Zero Day Quest, showcasing how he turned bug hunting into a lifestyle that allows him to work from anywhere—including a stunning island in Brazil. In This Episode You Will Learn : How a single discovered bug can lead to finding multiple vulnerabilities in the same area The importance of exploring app integrations when searching for security vulnerabilities Why building on prior discoveries can make it easier to uncover more hidden security issues Some Questions We Ask: What guidance can you share with other researchers and hackers on how to find vulnerabilities? Why did your background in software engineering help you in your bug bounty work? How did you transition from working on the website incident to more full-time security research? Resources: View Brad Schlintz on LinkedIn View Wendy Zenone on LinkedIn View Nic Fillingham on LinkedIn Related Microsoft Podcasts: Microsoft Threat Intelligence Podcast Afternoon Cyber Tea with Ann Johnson Uncovering Hidden Risks Discover and follow other Microsoft podcasts at microsoft.com/podcasts The BlueHat Podcast is produced by Microsoft and distributed as part of N2K media network.…
T
The BlueHat Podcast
1 PoCs, Patching and Zero Day Quest Participation with Michael Gorelik 46:25
46:25 Play Later Play Later Lists Like Liked46:25
Play Later Play Later Lists Like LikedIn this episode of The BlueHat Podcast, Nic and Wendy are joined by seasoned security researcher, and CTO of Morphisec, Michael Gorelik. Michael discusses his approach to security research, which often begins by exploring PoCs released by other researcher groups and continues through to the release and validation of – sometimes multiple rounds of – fixes. Michael also provides an overview of this BlueHat 2024 presentation from last October and discusses his upcoming participation in the Zero Day Quest Onsite Hacking Challenge. In This Episode You Will Learn : How Michael Gorelik transitioned from security researcher to company founder Deeper motivations driving ethical hackers like Michael Gorelik beyond money The importance of identifying incomplete security patches before attackers do Some Questions We Ask: What are you looking forward to with Zero Day Quest? Did you have a moral dilemma about hacking when you were younger? What was your experience like at Deutsche Telekom Laboratories? Resources: View Michael Gorelik on LinkedIn View Wendy Zenone on LinkedIn View Nic Fillingham on LinkedIn Related Microsoft Podcasts: Microsoft Threat Intelligence Podcast Afternoon Cyber Tea with Ann Johnson Uncovering Hidden Risks Discover and follow other Microsoft podcasts at microsoft.com/podcasts The BlueHat Podcast is produced by Microsoft and distributed as part of N2K media network.…
T
The BlueHat Podcast
1 Secret Herbs, Spices and Hacking Copilot Studio 43:58
43:58 Play Later Play Later Lists Like Liked43:58
Play Later Play Later Lists Like LikedIn this episode of The BlueHat Podcast, host Nic Fillingham is joined by Scott Gorlick , Security Architect for Power Platform at Microsoft. Scott shares his unconventional journey into cybersecurity, from managing a KFC to driving big rigs before landing in tech. He dives into security research in Copilot Studio, discussing how AI models interact with security frameworks and how researchers can approach testing these systems. We also explore his recent training video on YouTube , which provides guidance for security researchers looking to engage with Microsoft’s bug bounty program. In This Episode You Will Learn : What Scott does to ensure Power Platform applications remain governable and secure Why security and software quality go hand in hand in modern development. How security researchers can explore vulnerabilities in Microsoft's low-code AI development platform Some Questions We Ask: What kinds of security issues should researchers focus on in Copilot Studio? Can Copilot help researchers write better reports, especially in different languages? How can researchers get access to Copilot Studio? Is there a free version? Resources: View Scott Gorlick on LinkedIn View Wendy Zenone on LinkedIn View Nic Fillingham on LinkedIn Security Research in Copilot Studio Overview and Training on YouTube Related Microsoft Podcasts: Microsoft Threat Intelligence Podcast Afternoon Cyber Tea with Ann Johnson Uncovering Hidden Risks Discover and follow other Microsoft podcasts at microsoft.com/podcasts…
T
The BlueHat Podcast
1 Automating Dynamic Application Security Testing at Scale 45:56
45:56 Play Later Play Later Lists Like Liked45:56
Play Later Play Later Lists Like LikedIn this episode of The BlueHat Podcast, hosts Nic Fillingham and Wendy Zenone are joined by Jason Geffner , Principal Security Architect at Microsoft, to discuss his groundbreaking work on scaling and automating Dynamic Application Security Testing (DAST). Following on from his BlueHat 2024 session , and outlined in this MSRC blog post , Jason explains the key differences between DAST, SAST, and IAST, and dives into the challenges of scaling DAST at Microsoft’s enterprise level, detailing how automation eliminates manual configuration and improves efficiency for web service testing. In This Episode You Will Learn : Overcoming the challenges of authenticated requests for DAST tools The importance of API specs for DAST and how automation streamlines the process Insights into how Microsoft uses DAST to protect its vast array of web services Some Questions We Ask: What's a lesson from this work that you can share with those without Microsoft's resources? Can you explain what the transparent auth protocol is that you mentioned in the blog post? How is your work reducing the manual effort needed to configure DAST system services? Resources: View Jason Geffner on LinkedIn View Wendy Zenone on LinkedIn View Nic Fillingham on LinkedIn Related Blog Post: Scaling Dynamic Application Security Testing (DAST) | MSRC Blog Related BlueHat Session Recording: BlueHat 2024: S10: How Microsoft is Scaling DAST Related Microsoft Podcasts: Microsoft Threat Intelligence Podcast Afternoon Cyber Tea with Ann Johnson Uncovering Hidden Risks Discover and follow other Microsoft podcasts at microsoft.com/podcasts…
T
The BlueHat Podcast
1 Refactoring the Windows Kernel with Joe Bialek 47:14
47:14 Play Later Play Later Lists Like Liked47:14
Play Later Play Later Lists Like LikedIn this episode of The BlueHat Podcast, hosts Nic Fillingham and Wendy Zenone are joined by BlueHat 2024 presenter Joe Bialek , a security engineer at Microsoft with over 13 years of experience. Joe shares his fascinating journey from intern to red team pioneer, recounting how he helped establish the Office 365 Red Team and pushed the boundaries of ethical hacking within Microsoft. He discusses his formative years building sneaky hacking tools, navigating the controversial beginnings of red teaming, and transitioning to the Windows Security Team to focus on low-level security and mitigations. Joe reflects on the challenges of internal hacking, the human reactions to being "hacked," and the value of strengthening defenses before external threats arise. In This Episode You Will Learn : How Microsoft is developing tooling to identify and address bad programming patterns Why kernel-related discussions are primarily focused on Windows and driver developers The challenges developers face when reading and writing through pointers in C or C++ Some Questions We Ask: How does working with the Windows kernel impact system security and performance? What sets Windows kernel and driver development apart from other types of development? Why should internal teams test systems for vulnerabilities before external hackers? Resources: View Joe Bialek on LinkedIn View Wendy Zenone on LinkedIn View Nic Fillingham on LinkedIn BlueHat 2024 Session: Pointer Problems – Why We’re Refactoring the Windows Kernel Related Microsoft Podcasts: Microsoft Threat Intelligence Podcast Afternoon Cyber Tea with Ann Johnson Uncovering Hidden Risks Discover and follow other Microsoft podcasts at microsoft.com/podcasts The BlueHat Podcast is produced by Microsoft and distributed as part of N2K media network.…
T
The BlueHat Podcast
1 Defending Against NTLM Relay Attacks with Rohit Mothe and George Hughey 40:08
40:08 Play Later Play Later Lists Like Liked40:08
Play Later Play Later Lists Like LikedIn this episode of The BlueHat Podcast, hosts Nic Fillingham and Wendy Zenone welcome back George Hughey and Rohit Mothe from the Microsoft Security Response Center (MSRC) to discuss their latest blog post on mitigating NTLM relay attacks by default. George and Rohit explain their roles in vulnerability hunting and delve into NTLM, a 40-year-old authentication protocol, outlining its vulnerabilities and the risks of relay attacks, which function as a type of man-in-the-middle exploit. They highlight Microsoft's move to a "secure by default" approach, ensuring mitigations like channel binding are enabled automatically, providing stronger protections across services like Exchange, Active Directory Certificate Services (ADCS), and LDAP. In This Episode You Will Learn : Steps users can take to enhance security in their environments Why legacy protocols remain a challenge and what the future might hold The challenges and successes of improving authentication security Some Questions We Ask: What is an NTLM relay attack, and how does it work? Can you explain channel binding and its role in preventing NTLM relay attacks? What challenges arise from modernizing authentication in complex environments? Resources: View George Hughey on LinkedIn View Rohit Mothe on LinkedIn View Wendy Zenone on LinkedIn View Nic Fillingham on LinkedIn Related Microsoft Podcasts: Microsoft Threat Intelligence Podcast Afternoon Cyber Tea with Ann Johnson Uncovering Hidden Risks Discover and follow other Microsoft podcasts at microsoft.com/podcasts…
T
The BlueHat Podcast
1 Navigating AI Safety and Security Challenges with Yonatan Zunger [Encore] 53:34
53:34 Play Later Play Later Lists Like Liked53:34
Play Later Play Later Lists Like LikedYonatan Zunger , CVP of AI Safety & Security at Microsoft joins Nic Fillingham and Wendy Zenone on this week's episode of The BlueHat Podcast. Yonatan explains the distinction between generative and predictive AI, noting that while predictive AI excels in classification and recommendation, generative AI focuses on summarizing and role-playing. He highlights how generative AI's ability to process natural language and role-play has vast potential, though its applications are still emerging. He contrasts this with predictive AI's strength in handling large datasets for specific tasks. Yonatan emphasizes the importance of ethical considerations in AI development, stressing the need for continuous safety engineering and diverse perspectives to anticipate and mitigate potential failures. He provides examples of AI's positive and negative uses, illustrating the importance of designing systems that account for various scenarios and potential misuses. In This Episode You Will Learn : How predictive AI anticipates outcomes based on historical data The difficulties and strategies involved in making AI systems safe and secure from misuse How role-playing exercises help developers understand the behavior of AI systems Some Questions We Ask: What distinguishes predictive AI from generative AI? Can generative AI be used to improve decision-making processes? What is the role of unit testing and test cases in policy and AI system development? Resources: View Yonatan Zunger on LinkedIn View Wendy Zenone on LinkedIn View Nic Fillingham on LinkedIn Related Microsoft Podcasts: Microsoft Threat Intelligence Podcast Afternoon Cyber Tea with Ann Johnson Uncovering Hidden Risks Discover and follow other Microsoft podcasts at microsoft.com/podcasts…
T
The BlueHat Podcast
1 Johann Rehberger on Researching AI & LLM Attacks 49:20
49:20 Play Later Play Later Lists Like Liked49:20
Play Later Play Later Lists Like LikedIn this episode of The BlueHat Podcast, hosts Nic Fillingham and Wendy Zenone are joined by Johann Rehberger , security expert and Red Team director at Electronic Arts. Johann shares his career journey through roles at Microsoft, Uber, and EA, highlighting his expertise in red teaming and cybersecurity. Johann shares the inspiration behind his book on Red Team strategies and discusses his BlueHat 2024 talk on prompt injection vulnerabilities, a critical and evolving AI security challenge. Johann breaks down the distinction between prompt injection and jailbreaking, offering insights into the potential risks, including data exfiltration and system unavailability, and emphasizes the importance of securing Red Teams themselves. In This Episode You Will Learn : Why AI tools should have stricter default settings to control what kind of outputs they generate The importance of reading technical documentation to understand how AI systems are built Why developers should implement stronger filters for what tokens are allowed to be emitted by LLMs Some Questions We Ask: How are prompt injection and SQL injection similar, and how are they different? What is AI spyware, and how does it exploit memory tools in ChatGPT? Does AI jailbreaking access the LLM’s core system like iPhone jailbreaking does the OS? Resources: View Johann Rehberger on LinkedIn View Wendy Zenone on LinkedIn View Nic Fillingham on LinkedIn Related Microsoft Podcasts: Microsoft Threat Intelligence Podcast Afternoon Cyber Tea with Ann Johnson Uncovering Hidden Risks Discover and follow other Microsoft podcasts at microsoft.com/podcasts…
T
The BlueHat Podcast
1 BlueHat 2024 Day 2 Keynote: Amanda Silver, CVP Microsoft Developer Division 45:42
45:42 Play Later Play Later Lists Like Liked45:42
Play Later Play Later Lists Like LikedIn this episode of T he BlueHat Podcast, hosts Nic Fillingham and Wendy Zenone present an insightful address by Corporate Vice President and Head of Product for Microsoft's Developer Division, Amanda Silver . Amanda discusses the importance of securing the software supply chain and Microsoft's efforts to protect the open-source ecosystem. She introduces the Secure Software Supply Chain Consumption Framework (S2C2F), a model for tracking and defending against vulnerabilities in open-source dependencies. Silver highlights tools like Dependabot and improvements in NuGet to help developers address security issues seamlessly. She also shares a case study on the "XZ" supply chain attack, underscoring the need for a security mindset in tech culture. Silver closes by urging listeners to adopt a proactive approach to cybersecurity, emphasizing that attacks are inevitable. Resources: View Amanda Silver on LinkedIn View Wendy Zenone on LinkedIn View Nic Fillingham on LinkedIn Related Microsoft Podcasts: Microsoft Threat Intelligence Podcast Afternoon Cyber Tea with Ann Johnson Uncovering Hidden Risks Discover and follow other Microsoft podcasts at microsoft.com/podcasts The BlueHat Podcast is produced by Microsoft and distributed as part of N2K media network.…
T
The BlueHat Podcast
1 BlueHat 2024 Day 1 Keynote: Chris Wysopal AKA Weld Pond 47:50
47:50 Play Later Play Later Lists Like Liked47:50
Play Later Play Later Lists Like LikedIn episode 41 of The BlueHat Podcast we bring you the BlueHat 2024 day 1 keynote address given by Chris Wysopal , also known as Weld Pond, founder and Chief Security Evangelist at VeraCode, and founding member of the L0pht. Chris’ talk - A Clash of Cultures Comes Together to Change Software Security - recounts the early days of “hacking” and how the industry evolved to embrace vulnerability discovery and coordinated, responsible disclosure. Chris presentation provides a fascinating reflection on a tumultuous period for Microsoft around 2001, marked by significant vulnerability discoveries, which ultimately led to the establishment of the Organization for Internet Safety and the consultancy AtStake, transforming the security landscape and professionalizing the role of hackers. Watch Chris’ BlueHat 2024 Day 1 Keynote here: https://youtu.be/w6SAqT4ZQik Resources: View Chris Wysopal on LinkedIn View Wendy Zenone on LinkedIn View Nic Fillingham on LinkedIn Related Microsoft Podcasts: Microsoft Threat Intelligence Podcast Afternoon Cyber Tea with Ann Johnson Uncovering Hidden Risks Discover and follow other Microsoft podcasts at microsoft.com/podcasts…
Welcome to Player FM!
Player FM is scanning the web for high-quality podcasts for you to enjoy right now. It's the best podcast app and works on Android, iPhone, and the web. Signup to sync subscriptions across devices.
Daily Deals
Daily Deals
Similar to The BlueHat Podcast
Redefining AI is the 2024 New York Digital Award winning tech podcast! Discover a whole new take on Artificial Intelligence in joining host Lauren Hawker Zafer, a top voice in Artificial Intelligence on LinkedIn, for insightful chats that unravel the fascinating world of tech innovation, use case exploration and AI knowledge. Dive into candid discussions with accomplished industry experts and established academics. With each episode, you'll expand your grasp of cutting-edge technologies and ...
…
continue reading
Welcome to the Security Weekly Podcast Network, your all-in-one source for the latest in cybersecurity! This feed features a diverse lineup of shows, including Application Security Weekly, Business Security Weekly, Paul's Security Weekly, Enterprise Security Weekly, and Security Weekly News. Whether you're a cybersecurity professional, business leader, or tech enthusiast, we cover all angles of the cybersecurity landscape. Tune in for in-depth panel discussions, expert guest interviews, and ...
…
continue reading
Africa-focused technology, digital and innovation ecosystem insight and commentary.
…
continue reading
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
Embedded is the show for people who love gadgets. Making them, breaking them, and everything in between. Weekly interviews with engineers, educators, and enthusiasts. Find the show, blog, and more at embedded.fm.
…
continue reading
The director’s commentary track for Daring Fireball. Long digressions on Apple, technology, design, movies, and more.
…
continue reading
How does artificial intelligence change when people — not profit — truly come first? Join IRL’s host Bridget Todd, as she meets people around the world building responsible alternatives to the tech that’s changing how we work, communicate, and even listen to music.
…
continue reading
Android Backstage, a podcast by and for Android developers. Hosted by developers from the Android engineering team, this show covers topics of interest to Android programmers, with in-depth discussions and interviews with engineers on the Android team at Google. Subscribe to Android Developers YouTube → https://goo.gle/AndroidDevs
…
continue reading
Download This Show is your weekly guide to the world of media, culture, and technology. From social media to gadgets, streaming services to privacy issues. Each week Rae Johnston and guests take a fun, deep dive into how technology is reshaping our lives.
…
continue reading
The power of Data is undeniable. And unharnessed - it’s nothing but chaos. Making data your ally. Using it to lead with confidence and clarity. Host Jess Carter is solving problems in real-time to reveal what’s possible. Helping communities and people thrive. This is Data Driven Leadership, a show brought to you by Resultant.
…
continue reading
Player FM - Podcast App
Go offline with the Player FM app!
Go offline with the Player FM app!
