Jan 2025
38m 40s

Disrupting Cracked Cobalt Strike [The Mi...

N2K Networks
About this episode

While we are on our winter publishing break, please enjoy an episode of our N2K CyberWire network show, The Microsoft Threat Intelligence Podcast by Microsoft Threat Intelligence. See you in 2025!


On this week's episode of The Microsoft Threat Intelligence Podcast, we discuss the collaborative effort between Microsoft and Fortra to combat the illegal use of cracked Cobalt Strike software, which is commonly employed in ransomware attacks. To break down the situation, our host, Sherrod DeGrippo, is joined by Richard Boscovich, Assistant General Counsel at Microsoft, Jason Lyons, Principal Investigator with the DCU, and Bob Erdman, Associate VP Research and Development at Fortra. The discussion covers the creative use of DMCA notifications tailored by geographic region to combat cybercrime globally. The group expresses optimism about applying these successful techniques to other areas, such as phishing kits, and highlights ongoing efforts to make Cobalt Strike harder to abuse.

In this episode you’ll learn:

  • The impact on detection engineers due to the crackdown on cracked Cobalt Strike
  • Extensive automation used to detect and dismantle large-scale threats
  • How the team used the DMCA creatively to combat cybercrime

Some questions we ask:

  • Do you encounter any pushback when issuing DMCA notifications?
  • How do you plan to proceed following the success of this operation?
  • Can you explain the legal mechanisms behind this take-down?

 

Resources:  

View Jason Lyons on LinkedIn 

View Bob Erdman on LinkedIn   

View Richard Boscovich on LinkedIn  

View Sherrod DeGrippo on LinkedIn  


 

Related Microsoft Podcasts:                   

 

Discover and follow other Microsoft podcasts at microsoft.com/podcasts  

 

Get the latest threat intelligence insights and guidance at Microsoft Security Insider 

 

 

The Microsoft Threat Intelligence Podcast is produced by Microsoft and distributed as part of N2K media network.  
