Security Unlocked
Technology
About
Security Unlocked presents The BlueHat Podcast From 2020 to 2022, Security Unlocked, hosted by Nic Fillingham and Natalia Godyla, explored the technology and people powering Microsoft's Security solutions. Today, the Security Unlocked feed brings you new episodes from The BlueHat Podcast where hosts Nic Fillingham and Wendy Zenone speak with security researchers, responders, hackers and industry leaders, both inside and outside of Microsoft, working to secure the planet's technology and create a safer world for all. Hosted on Acast. See acast.com/privacy for more information.
Episodes
- Hunting Variants: Finding the Bugs Behind the Bug
In this episode of Security Unlocked, George Hughey explains how Microsoft's MSRC leverages data from hacking competitions like Pwn2Own to discover additional security vulnerabilities in Windows. The discussion covers differences between c…
- Securing Redirections with Mike Macelletti
Mike Macelletti joins Wendy Zenone and Nic Fillingham to discuss Microsoft's Redirection Guard, a mitigation against file path redirection vulnerabilities. The episode covers its development, functionality, impact, and adoption by develope…
- Ignore Ram Shankar Siva Kumar’s Previous Directions
Ram Shankar Siva Kumar's BlueHat India 2025 keynote, featured on The BlueHat Podcast, discusses the evolving AI threat landscape. Topics include adversarial machine learning, prompt injection, and memory poisoning, emphasizing the need for…
- Protecting AI at the Edge with David Weston
David Weston's keynote from BlueHat India 2025 explores the security implications of on-device AI in Windows, including emerging threats and Microsoft's architectural strategies. The episode covers topics like Windows Recall, biometric pro…
- Hacking at the Weeds with Felix Boulet
Felix Boulet shares his transition from industrial maintenance to vulnerability research, focusing on his methods for finding bugs in Microsoft identity systems and his experiences at the Zero Day Quest event, emphasizing the value and dan…
- Evolutions in Hacking with Marco Ivaldi
Marco Ivaldi, a cybersecurity expert with decades of experience, shares his journey from teenage hacking to his current role. He discusses ongoing challenges in Active Directory and password security, his experiences with bug bounty huntin…
- From Facebook-Phished to MVR Top 5 with Dhiral Patel
Dhiral Patel discusses his path into ethical hacking, inspired by a compromised Facebook account. He emphasizes the importance of web security fundamentals and practical experience with platforms like TryHackMe and Hack the Box, reflecting…
- AI & the Hunt for Hidden Vulnerabilities with Tobias Diehl
Security researcher Tobias Diehl joins the BlueHat Podcast to discuss his journey discovering vulnerabilities in Microsoft products, focusing on a Power Automate flaw and the importance of strong proof-of-concept submissions. He also touch…
- Cryptojacking, and Farewell for Now!
In this episode of Security Unlocked, hosts discuss cryptojacking with experts from Microsoft and Intel. They cover its history, prevalence, the motivations behind it, and how victims' resources are exploited for cryptocurrency mining. The…
- A look at Cybercrime in 2021
This episode of Security Unlocked discusses the increasing success and profitability of ransomware attacks in 2021, as detailed in the Microsoft Digital Defense Report. Hosts Natalia Godyla and Nic Fillingham are joined by Jason Lyons to e…
- What’s a BISO?
In this episode of Security Unlocked, host Natalia Godyla interviews Alyssa Miller, BISO at S&P Global Ratings. They discuss Miller's career path from a young hacker to a security executive and explore the responsibilities, organizational…
- Disinformation in the Enterprise
This episode of Security Unlocked discusses disinformation, its increasing prevalence, and how it impacts cybersecurity. Irfan Mirza joins the hosts to explain cognitive hacking and provide recommendations from the 2021 Microsoft Digital D…
- I am Shroot-less
Jonathan Bar Or, Principal Security Researcher at Microsoft, discusses a recently discovered macOS vulnerability that could allow attackers to bypass System Integrity Protection (SIP). The episode highlights the importance of cross-platfor…
- Decoding NOBELIUM
Microsoft Security's 'Security Unlocked' podcast episode, 'Decoding NOBELIUM,' examines the advanced nation-state and supply chain attack by Russia-based hackers. It features frontline defenders who tracked and responded to the NOBELIUM gr…
- Trusting Your Hybrid Workforce
This episode of Security Unlocked delves into Hybrid Workforce Security and Zero Trust, referencing the 2021 Microsoft Digital Defense Report. Hosts Natalia Godyla and Nic Fillingham are joined by Carmichael Patton to discuss security chal…
- When Privacy Meets Security
In this episode of Security Unlocked, hosts Natalia Godyla and Nic Fillingham talk with Whitney Merrill, Privacy Counsel at Asana. They cover how privacy and security intersect, common privacy mistakes, current privacy attack trends, and t…
- Securing Modern Software
Chris Wysopal, a pioneer in vulnerability research, joins Security Unlocked hosts Natalia Godyla and Nic Fillingham to discuss modern secure software development. The episode covers safely using open-source code, effective vulnerability mo…
- The 2021 Microsoft Digital Defense Report
On Security Unlocked, Natalia Godyla, Nic Fillingham, and Sian John discuss the 2021 Microsoft Digital Defense Report, covering its analysis, the evolution of cybercrime services, and new avenues for attacker data access. They also touch o…
- Mobile 4N6 101
In this episode of Security Unlocked, hosts Natalia Godyla and Nic Fillingham discuss mobile digital forensics with expert Sarah Edwards. They cover the unique aspects of mobile forensics, the tools used, the typical threat landscape for m…
- Untangling Botnets
In this episode of Security Unlocked, Elif Kaya, Natalia Godyla, and Nic Fillingham discuss botnets and their use in cryptocurrency mining. Elif Kaya explains new botnet techniques, financial theft via crypto mining, and their impact from…
- What the Fuzz?!
Edir Garcia Lazo, a data scientist on the Microsoft Defender Cybersecurity Artificial Intelligence Team, discusses fuzzy hashing and its use in detecting malware with Security Unlocked hosts Nic Fillingham and Natalia Godyla. The episode c…
- The ‘Three E’s’ of Scam Disruption
Juan Hardoy discusses the Digital Crimes Unit's mission to protect customers and build trust in Microsoft technologies by collaborating with governments and law enforcement. The episode covers proactive measures against cybercriminals, the…
- Entering the Virtual Battlefield
In this episode of Security Unlocked, host Natalia Godyla is joined by Justin Underwood, a Senior Threat Intelligence Analyst at Microsoft. They discuss transitioning from military service to a career in cybersecurity, the role of a Human…
- Battling BazaCall BuzzKill
In this episode of Security Unlocked, Natalia Godyla, Emily Hacker, and Justin Carroll discuss BazaCall campaigns, a new delivery method for malware and ransomware. They cover unique aspects, delivery systems, evasion tactics, and the atta…
- Turning to the Purple Side
Natalia Godyla and Nic Fillingham speak with Tanya Janca, founder of We Hack Purple, about application security. They cover her company, training, the importance of continuous learning in security, and bridging the gap between security pro…
- Protecting the Power Grid
On Security Unlocked, hosts Natalia Godyla and Nic Fillingham discuss power grid security with Microsoft's Hafid Elabdellaoui. They cover challenges in the utilities sector, the link between cybersecurity and physical security, and the imp…
- Making the Leap to the Cloud
In this episode of Security Unlocked, hosts Nic Fillingham and Natalia Godyla are joined by Sarah Armstrong-Smith to discuss cloud security. They explore cloud adoption, threat intelligence, the shared responsibility model, and best practi…
- Mary Had a Little Scam Report
This episode of Security Unlocked discusses the global tech support scam landscape, highlighting that while scam awareness is rising, certain demographics remain highly susceptible. Hosts Nic Fillingham and Natalia Godyla, with guest Mary…
- Talking Security With Non-Security Professionals
In this episode of Security Unlocked, hosts Nic Fillingham and Natalia Godyla discuss with Microsoft's Sarah Armstrong-Smith how cybersecurity professionals can communicate complex security topics to those outside the field. The episode co…
- Discovering Router Vulnerabilities with Anomaly Detection
Jonathan Bar Or joins Security Unlocked hosts Nic Fillingham and Natalia Godyla to discuss NETGEAR firmware vulnerabilities. He explains how his team identified the issues, worked with NETGEAR to fix them, and details how the side-channel…
- Securing the Internet of Things
This episode of Security Unlocked features Nic Fillingham, Natalia Godyla, and Arjmand Samuel discussing the security challenges of the Internet of Things (IoT). They explore the importance of IoT security, the zero trust model, and Micros…
- Looking a Gift Card Horse in the Mouth
This episode of Security Unlocked discusses Business Email Compromise (BEC) attacks, where scammers impersonate colleagues to trick victims into buying and sending gift cards. Hosts Nic Fillingham and Natalia Godyla, with guest Emily Hacke…
- Simulating the Enemy
Security Unlocked features Roberto Rodriguez, developer of Microsoft's Simuland tool, discussing how it simulates enemy attacks on user infrastructure to reveal security weaknesses. Hosts Natalia Godyla and Nic Fillingham explore the proje…
- Dial 'T' for Tech Support Fraud
This episode of Security Unlocked features hosts Natalia Godyla and Nic Fillingham discussing tech support scams. They are joined by Anup B Kumar from Microsoft's Digital Crime Unit to explore who is behind these scams, their motivations,…
- A Day in the Life of a Microsoft Principal Architect
Hyrum Anderson, Principal Architect of Azure Trustworthy ML, shares his journey into technology and his views on the current state of cybersecurity. The episode covers the differences between risks and threats, the inherent difficulty in d…
- Red-teaming AI with CounterFit
In this episode of Security Unlocked, host Nic Fillingham and Natalia Godyla are joined by Will Pearce, AI Red Team Lead at Azure Trustworthy ML Group. They discuss the Counterfit tool, its functions, and how AI red teaming helps identify…
- Pearls of Wisdom in the Security Signals Report
Hosts Nic Fillingham and Natalia Godyla discuss the new Security Signals Report with Nazmus Sakib. The episode covers the report's findings on firmware pervasiveness, common firmware vulnerabilities, and corporate spending on digital prote…
- Securing Hybrid Work: Venki Krishnababu, lululemon
In this episode of Security Unlocked, Bret Arsenault interviews Lululemon's Venki Krishnababu about the digital infrastructure supporting the brand, managing the transition to remote work, and leveraging pandemic experiences for future gro…
- Contact Us; Phish You!
This episode of Security Unlocked discusses a new phishing attack that compromises online forms, bypassing CAPTCHA security. Microsoft threat analyst Emily Hacker joins the hosts to explore why this attack is effective, how to prepare for…
- Securing the Cloud with Mark Russinovich
This episode of Security Unlocked features Mark Russinovich, CTO of Microsoft Azure, discussing cloud security, technological advancements, and pandemic-driven changes. He shares insights on FFUUEE, improving MFA adoption, and offers advic…
- Ready or Not, Here A.I. Come!
Security Unlocked hosts Nic Fillingham and Natalia Godyla interview Christian Seifert and Joshua Neil about their work gamifying machine learning. They discuss Microsoft's CyberBattleSim, reinforcement learning, and training AI through gam…
- Knowing Your Enemy: Anticipating Attackers’ Next Moves
This episode of Security Unlocked features hosts Nic Fillingham and Natalia Godyla interviewing Cole Sodja, Melissa Turcotte, and Justin Carroll about Microsoft Defender's AI-driven capabilities to anticipate cyber attacker movements. They…
- Below the OS: UEFI Scanning in Defender
Hosts Nic Fillingham and Natalia Godyla speak with Shweta Jha and Gowtham Reddy about new Microsoft Defender capabilities for scanning UEFI firmware. The episode covers the LoJax attack and how Defender's UEFI scanning helps stay ahead of…
- Inside Insider Risk
This episode of Security Unlocked discusses the insider threat in cybersecurity, exploring how remote work exacerbates the issue. Hosts Nic Fillingham and Natalia Godyla speak with Microsoft Applied Researcher Rob McCann about identifying…
- The Language of Cybercrime
Peter Anaman discusses how language and cultural factors influence cybercrime investigations with hosts Nic Fillingham and Natalia Godyla on Security Unlocked. Learn about the tools used by Microsoft's Digital Crime Unit and why cybercrime…
- The Human Element with Valecia Maclin
Valecia Maclin joins hosts Nic Fillingham and Natalia Godyla to discuss the human side of cybersecurity. She shares her journey into the field from mechanical engineering and her approach to leading teams with empathy, particularly highlig…
- Identity Threats, Tokens, and Tacos
Microsoft's Identity Security team, featuring Lead Data Scientist Maria Puertos Calvo, utilizes AI to analyze billions of daily authentications, making threat detection more efficient. The episode also explores Calvo's background in securi…
- Re: Tracking Attacker Email Infrastructure
Hosts Nic Fillingham and Natalia Godyla interview Microsoft Threat Analyst Elif Kaya about attacker email infrastructure. They discuss its uses, how intelligence gathering helps predict domain usage, and methods to combat sophisticated cyb…
- Celebrating Women in Security
On International Women's Day, Security Unlocked revisits interviews with Holly Stewart, Dr. Anna Bertiger, and Sam Schwartz. They discuss how diverse perspectives, math, and AI aid in threat detection and prevention, highlighting the work…
- Digital Crimes Investigates: Counterfeit Tales
Donal Keating from Microsoft's Digital Crimes Unit discusses the unit's origins, his career fighting counterfeits and IP crime, and collaborations with law enforcement. The episode covers the DCU's mission, forensic techniques, and the evo…