In this episode of ThreatCast , Ru and Matt dive deep into the world of Microsoft GHOST, a specialised team focused on cybersecurity hunting within Microsoft. Matt explains the role of the DoD (Detection and Response Team), their work on incident response for customers dealing with ransomware and nation-state attacks, and how Microsoft telemetry plays a crucial role in detecting and mitigating threats.
They also discuss current trends in the cybersecurity landscape, including token theft, adversary-in-the-middle attacks, and the importance of mandatory MFA (Multi-Factor Authentication) for securing Azure and Intune admin portals. Matt shares his insights on how these measures, along with KQL, are helping Microsoft and its customers stay ahead of evolving threats.
Website: https://www.threatscape.com/
Linkedin: https://www.linkedin.com/company/942506
Email Address : [email protected]