Recorded live at RSAC 2025, this special episode of the Microsoft Threat Intelligence Podcast, hosted by Sherrod DeGrippo, brings together Jeremy Dallman from the Microsoft Threat Intelligence and Steven Masada from Microsoft’s Digital Crimes Unit.  

The panel explores the psychology and techniques behind nation-state and criminal cyber actors, how Microsoft innovatively uses legal and technical disruption to dismantle threats like Cobalt Strike and Storm-2139, and the growing trend of adversaries leveraging AI. From North Korean fake job interviews to China's critical infrastructure infiltration, this episode highlights how Microsoft is staying ahead of the curve—and sometimes even rewriting the playbook. 

In this episode you’ll learn:      

How targeting attacker techniques is more effective than chasing specific actors 

The surprising ways threat actors use AI—for productivity, not just deepfakes 

Why North Korean threat actors are building full-blown video games to drop malware 

Some questions we ask:     

What’s the role of Microsoft’s Digital Crimes Unit and how is it unique in the industry? 

Why should cybersecurity professionals read legal indictments? 

What impact did Microsoft’s legal actions have on tools like Cobalt Strike and Quakbot? 

Resources:  

View Jeremy Dallman on LinkedIn  

View Steven Masada on LinkedIn  

View Sherrod DeGrippo on LinkedIn  

Bold action against fraud: Disrupting Storm-1152 

Related Microsoft Podcasts:                   

Afternoon Cyber Tea with Ann Johnson 

The BlueHat Podcast 

Uncovering Hidden Risks     

Discover and follow other Microsoft podcasts at microsoft.com/podcasts  

Get the latest threat intelligence insights and guidance at Microsoft Security Insider 

The Microsoft Threat Intelligence Podcast is produced by Microsoft and distributed as part of N2K media network.