In this episode of The BlueHat Podcast, host Nic Fillingham is joined by George Hughey from Microsoft who returns to discuss his Blue Hat India talk on variant hunting, explaining how MSRC uses submission data from hacking competitions like Pwn2Own and Tianfu Cup to uncover additional security vulnerabilities in Windows. George shares how incentives in competitions differ from bug bounty programs, how tools like CodeQL assist variant hunting, and why collaborating with the security research community is key to improving Windows security. 

In This Episode You Will Learn:  

• How hacking competitions help find real-world Windows vulnerabilities 
• The role of MSRC in hunting variants beyond submitted vulnerabilities 
• Why fuzzing is not always effective for modern edge cases 

Some Questions We Ask: 

• How do you decide which cases to pursue for variant hunting? 
• What advice do you have for researchers submitting variants? 
• How does the CodeQL team collaborate with your team? 

Resources:      

View George Hughey on LinkedIn     

View Wendy Zenone on LinkedIn   

View Nic Fillingham on LinkedIn  

Related Microsoft Podcasts:   

• Microsoft Threat Intelligence Podcast   
• Afternoon Cyber Tea with Ann Johnson   
• Uncovering Hidden Risks   

Discover and follow other Microsoft podcasts at microsoft.com/podcasts   

Hosted on Acast. See acast.com/privacy for more information.

In this episode of The BlueHat Podcast, host Nic Fillingham and Wendy Zenone are joined by Mike Macelletti from Microsoft’s MSRC Vulnerabilities and Mitigations team to explore Redirection Guard, a powerful mitigation designed to tackle a long-standing class of file path redirection vulnerabilities in Windows. Mike shares how his interest in security began, the journey behind developing Redirection Guard, and how it's helping reduce a once-common bug class across Microsoft products. He also explains how the feature works, why it's impactful, and what developers can do to adopt it. Plus, a few fun detours into Solitaire hacking, skiing, and protein powder. 

In This Episode You Will Learn:  

• What Redirection Guard is and how it helps prevent file system vulnerabilities 
• How Microsoft identifies and addresses common bug classes across their ecosystem 
• Why some vulnerabilities still slip past Redirection Guard and what’s out of scope 

Some Questions We Ask: 

• What is a junction and how is it different from other redirects? 
• How does Redirection Guard decide which shortcuts to block? 
• Are there vulnerabilities Redirection Guard doesn’t cover? 

Resources:      

View Mike Macelletti on LinkedIn     

View Wendy Zenone on LinkedIn   

View Nic Fillingham on LinkedIn  

Related Microsoft Podcasts:   

• Microsoft Threat Intelligence Podcast   
• Afternoon Cyber Tea with Ann Johnson   
• Uncovering Hidden Risks   

Discover and follow other Microsoft podcasts at microsoft.com/podcasts   

Hosted on Acast. See acast.com/privacy for more information.

In this episode of The BlueHat Podcast, host Nic Fillingham and Wendy Zenone share Ram Shankar Siva Kumar’s dynamic keynote from BlueHat India 2025, where he explores the evolving threat landscape of AI through the lens of the Microsoft AI Red Team. From adversarial machine learning to psychosocial harms and persuasive AI, Ram highlights real-world case studies, including prompt injection, content safety violations, and memory poisoning in AI agents. Ram underscores the urgent need for robust red teaming practices to secure AI systems against traditional security flaws and emerging threats across images, text, audio, and autonomous agents. 

In This Episode You Will Learn:  

• Why old-school security flaws still break modern AI systems 
• Real-world AI red teaming in action, from scams to memory hacks 
• How small input tweaks can fool AI across images, audio, and text 

Some Questions We Ask: 

• Can attackers fool AI using just slight image changes? 
• Are generative AI systems vulnerable to prompt manipulation? 
• Do you need to be an expert to break an AI model? 

Resources:      

View Ram Shankar Siva Kumar on LinkedIn    

View Wendy Zenone on LinkedIn   

View Nic Fillingham on LinkedIn  

Watch Ram’s BlueHat India 2025 Keynote: BlueHat India 2025 Day 2 Keynote - Ram Shankar Siva Kumar 

Listen to Ram’s Previous Appearance on The BlueHat Podcast: Not with a Bug but with a Sticker 

Related Microsoft Podcasts:   

• Microsoft Threat Intelligence Podcast   
• Afternoon Cyber Tea with Ann Johnson   
• Uncovering Hidden Risks   

Discover and follow other Microsoft podcasts at microsoft.com/podcasts   

Hosted on Acast. See acast.com/privacy for more information.

In this episode of The BlueHat Podcast, host Nic Fillingham and Wendy Zenone share David Weston’s keynote from BlueHat India 2025. David explores the growing role of on-device AI in Windows, the security risks it introduces, and how Microsoft is rethinking architecture to defend against new threats like model tampering, data exfiltration, and AI-powered malware. He also shares insights on innovations like Windows Recall, biometric protection, and the future of secure, agentic operating systems. 

In This Episode You Will Learn:  

• How AI integration in Windows (like Windows Recall and MS Paint) is evolving 
• Emerging threats from protocols like MCP and CUAs 
• What a “confused deputy” attack is, and how Microsoft is protecting users 

Some Questions We Ask: 

• What are the biggest security threats in on-device AI—data, model, or runtime? 
• Can AI be used to accelerate post-compromise attacks? 
• What will it take to bring Azure-level confidential computing to the consumer device? 

Resources:      

View David Weston on LinkedIn   

View Wendy Zenone on LinkedIn   

View Nic Fillingham on LinkedIn  

Related Microsoft Podcasts:   

• Microsoft Threat Intelligence Podcast   
• Afternoon Cyber Tea with Ann Johnson   
• Uncovering Hidden Risks   

Discover and follow other Microsoft podcasts at microsoft.com/podcasts   

Hosted on Acast. See acast.com/privacy for more information.

In this episode of The BlueHat Podcast, host Nic Fillingham and Wendy Zenone are joined by Felix Boulet fresh off his participation in Zero Day Quest. Felix talks about his unique journey from industrial maintenance to becoming a full-time vulnerability researcher, and how that background fuels his passion for hacking and bug bounty work. He explains his method for finding bugs in Microsoft products—particularly in identity systems—and why identity is such a valuable target for attackers. Felix also shares highlights from the Zero Day Quest event, where he focused on building connections, learning from Microsoft engineers, and experiencing the collaborative side of the security community.

In This Episode You Will Learn:

• Why identity-based bugs are especially valuable and dangerous in the security world
• When breaking identity controls can be the key to pivoting through an entire system
• How SharePoint's concept of "virtual files" impacts vulnerability validation

Some Questions We Ask:

• What was your first bug bounty experience?
• Can you explain what the flash challenges were and what your experience was like?
• Do you think sharing bug ideas could cost you a bounty?

Resources:

View Felix Boulet on LinkedIn

View Wendy Zenone on LinkedIn   

View Nic Fillingham on LinkedIn

Related Microsoft Podcasts:

• Microsoft Threat Intelligence Podcast 
• Afternoon Cyber Tea with Ann Johnson 
• Uncovering Hidden Risks 

Discover and follow other Microsoft podcasts at microsoft.com/podcasts

Hosted on Acast. See acast.com/privacy for more information.

In this episode of The BlueHat Podcast, host Nic Fillingham and Wendy Zenone are joined by Marco Ivaldi, co-founder and technical director of HN Security, a boutique company specializing in offensive security services, shares his journey from hacking as a teenager in the '80s to becoming a key figure in the security research community. With nearly three decades of experience in cybersecurity, Marco digs into the ongoing challenges, particularly in Active Directory and password security, highlighting vulnerabilities that continue to pose significant risks today. He recounts his unexpected path into bug bounty hunting, including his involvement in Microsoft's Zero Day Quest and his passion for auditing real-time operating systems like Azure RTOS.  

In This Episode You Will Learn:  

• How Marco taught himself BASIC and assembly through cassette tapes and trips to local libraries 
• Why mentorship and positive leadership can catapult your cybersecurity career 
• When measuring network response times can unintentionally leak valuable info 

Some Questions We Ask: 

• Do you remember the first time you made code do something unexpected? 
• What was your experience like in the Zero Day Quest building for those three days? 
• How are you thinking of approaching fuzzing after Zero Day Quest? 

Resources:      

View Marco Ivaldi on LinkedIn     

View Wendy Zenone on LinkedIn   

View Nic Fillingham on LinkedIn  

HN SECURITY 

Learn More About Marco 

Related Microsoft Podcasts:   

• Microsoft Threat Intelligence Podcast   
• Afternoon Cyber Tea with Ann Johnson   
• Uncovering Hidden Risks   

Discover and follow other Microsoft podcasts at microsoft.com/podcasts   

The BlueHat Podcast is produced by Microsoft and distributed as part of N2K media network.  

Hosted on Acast. See acast.com/privacy for more information.

In this episode of The BlueHat Podcast, host Nic Fillingham and Wendy Zenone are joined by Dhiral Patel, Senior Security Engineer at ZoomInfo and one of MSRC’s Most Valuable Researchers (MVR). Dhiral shares how a hacked Facebook account sparked his passion for ethical hacking. From web development to penetration testing, Dhiral has become a top bug hunter, landing multiple spots on the MSRC leaderboards. Dhiral reflects on his early MSRC submissions and lessons learned. He also discusses the importance of mastering web security basics, practicing on platforms like TryHackMe and Hack the Box, and staying connected with the bug bounty community.  

In This Episode You Will Learn:  

• The importance of mastering web security basics before diving into bug bounty hunting 
• Why hands-on platforms like TryHackMe and Hack the Box are perfect for beginners 
• Dhiral’s journey from blogging to freelancing and security research 

Some Questions We Ask: 

• How do you balance competition and collaboration in the bug bounty community? 
• Can you explain what clickjacking is and if it still works today? 
• Why did you start with Power BI, and how did it lead to your journey in security? 

Resources:      

View Dhiral Patel on LinkedIn    

View Wendy Zenone on LinkedIn   

View Nic Fillingham on LinkedIn  

Related Microsoft Podcasts:   

• Microsoft Threat Intelligence Podcast   
• Afternoon Cyber Tea with Ann Johnson   
• Uncovering Hidden Risks   

Discover and follow other Microsoft podcasts at microsoft.com/podcasts   

Hosted on Acast. See acast.com/privacy for more information.

In this episode of The BlueHat Podcast, host Nic Fillingham and Wendy Zenone are joined by security researcher Tobias Diehl, a top contributor to the Microsoft Security Research Center (MSRC) leaderboards and a Most Valuable Researcher. Tobias shares his journey from IT support to uncovering vulnerabilities in Microsoft products. He discusses his participation in the upcoming Zero Day Quest hacking challenge and breaks down a recent discovery involving Power Automate, where he identified a security flaw that could be exploited via malicious URLs. Tobias explains how developers can mitigate such risks and the importance of strong proof-of-concept submissions in security research. 

In This Episode You Will Learn: 

• Researching vulnerabilities in Power Automate, Power Automate Desktop, and Azure
• The importance of user prompts to prevent unintended application behavior
• Key vulnerabilities Tobias looks for when researching Microsoft products

Some Questions We Ask:

• Have you submitted any AI-related findings to Microsoft or other bug bounty programs?
• How does the lack of visibility into AI models impact the research process?
• Has your approach to security research changed when working with AI versus traditional systems?

Resources:     

View Tobias Diehl on LinkedIn  

View Wendy Zenone on LinkedIn  

View Nic Fillingham on LinkedIn 

Related Microsoft Podcasts:  

• Microsoft Threat Intelligence Podcast  
• Afternoon Cyber Tea with Ann Johnson  
• Uncovering Hidden Risks  

Discover and follow other Microsoft podcasts at microsoft.com/podcasts  

Hosted on Acast. See acast.com/privacy for more information.

The success of crypto inspired dozens of other cryptocurrencies like Ethereum, Tether, and Dogecoin. Today, people worldwide use cryptocurrencies to buy things, sell things, and make investments. One thing is certain; digital currencies are here to stay, no matter how many times you have to explain what a bitcoin is. Unfortunately, it also created the world of cryptojacking, a form of cybercrime that remains completely hidden from the target and can infect millions of computers with cryptojacking malware. Which brings us to the fundamental question: What can organizations do to protect themselves?  

In this episode of Security Unlocked, hosts Natalia Godyla and Nic Fillingham are joined by Microsoft senior software engineer Amitrajit Banerjee and senior staff architect at Intel Rahul Ghosh to discuss the history and prevalence of cryptojacking. The push behind a cryptojacking attack is almost always motivated by money. Mining cryptocurrencies can be very lucrative, but making a profit is challenging unless you cover high costs. They discuss the importance of understanding the actual concept of mining, how victims' CPU power and computing resources can be used, and why it isn't easy in general to detect crypto miners. 

In This Episode You Will Learn:    

• How prevalent is cryptojacking and who should be worried 
• When and how people are exposed to these new types of threats 
• Why you should be familiar with cryptojacking 

Some Questions We Ask:    

• How are victims' CPU power and computing resources used to mine cryptocurrencies? 
• What created this environment where cryptojacking is possible? 
• What are some general techniques when trying to identify cryptojacking? 

Resources:   

The increasing threat of cryptocurrency miners 

Defending against cryptojacking 

Guidance for preventing, detecting, and hunting for exploitation 

View Amitrajit Banerjee on LinkedIn 

View Rahul Ghosh on LinkedIn 

View Nic on LinkedIn  

View Natalia on LinkedIn  

Related:   

Listen to: Security Unlocked: CISO Series with Bret Arsenault     

Listen to: Afternoon Cyber Tea with Ann Johnson    

Discover and follow other Microsoft podcasts at microsoft.com/podcasts

Security Unlocked is produced by Microsoft and distributed as part of The CyberWire Network.     

Hosted on Acast. See acast.com/privacy for more information.

Ransomware attacks have never been so successful. The returns from these attacks are soaring and only becoming easier to conduct. In chapter two of the Microsoft Digital Defense Report, the growing threat of cybercrime is covered in great detail. As we continue to go over the MDDR, it's more apparent than ever that the cybercrime economy and services it provides are stronger and more complex than ever. Cryptocurrency, malware, and adversarial machine learning are just a few of the topics we believe need to be covered in more detail.  

In this episode of Security Unlocked, host’s Natalia Godyla and Nic Fillingham are joined by Jason Lyons, principal investigator in the digital crimes unit at Microsoft. Jason is an experienced investigator specializing in computer investigations. He is trained and experienced in hacker methodology/techniques, computer forensics, and incident response. Jason joined the show to discuss Chapter two of the Microsoft Digital Defense Report, which focuses on the state of cybercrime. He also speaks on how cryptocurrency has created new challenges in ransomware, why ransomware continues to grow, and recent trends we are currently seeing in malware.  

In This Episode You Will Learn:     

• How to decide whether to pay the ransomware or not 
• New ways for security teams to protect against malware 
• Why we are seeing a rise in cybercrime due to cryptocurrency.  

Some Questions We Ask:    

• What's new in the way the cybercrime economy operates?  
• Why is ransomware still such a big thing and maybe even getting bigger? 
• What trends are we seeing with malware right now? 

Resources:   

Microsoft Digital Defense Report  

View Jason Lyons on LinkedIn  

View Nic on LinkedIn  

View Natalia on LinkedIn  

Related:   

Listen to: Security Unlocked: CISO Series with Bret Arsenault     

Listen to: Afternoon Cyber Tea with Ann Johnson    

Discover and follow other Microsoft podcasts at microsoft.com/podcasts

Security Unlocked is produced by Microsoft and distributed as part of The CyberWire Network.     

Hosted on Acast. See acast.com/privacy for more information.