Vulnerabilities, patching, and automation risks

In this episode of the Microsoft Threat Intelligence Podcast, host⁠ ⁠⁠Sherrod DeGrippo is joined by Microsoft security researchers Megan Stalling and Anna Seitz to examine how financially motivated threat actors are using familiar, low-complexity techniques to drive real-world impact across the financial services sector. 

They examine Storm-0727, a financially motivated threat actor targeting cryptocurrency, financial services, and government entities, highlighting how simple techniques like financial-themed lures, macro-enabled documents, and credential theft allow attackers to quietly establish and maintain access. The conversation then expands to broader financial-services threat trends, including business email compromise, ransomware with data extortion, phishing-as-a-service, and why social engineering and unpatched vulnerabilities continue to succeed even in mature security environments. 

In this episode you’ll learn:      

• How credential theft helps attackers maintain persistence 

• Why social engineering works even in well-secured environments 

• How Storm-0727 targets financial services and cryptocurrency organizations 

Some questions we ask:     

• What happens after a victim opens a macro-enabled document used by Storm-0727? 

• How are phishing as a service platforms changing the threat landscape? 

• What major threat trends are currently shaping the financial services sector? 

Resources:  

View Megan Stalling on LinkedIn  

View Anna Seitz on LinkedIn  

View Sherrod DeGrippo on LinkedIn  

Related Microsoft Podcasts:                   

• Afternoon Cyber Tea with Ann Johnson 

• The BlueHat Podcast 

• Uncovering Hidden Risks     

Discover and follow other Microsoft podcasts at microsoft.com/podcasts  

Get the latest threat intelligence insights and guidance at Microsoft Security Insider