For our 50th episode of the Security Swarm Podcast, Andy and Eric Siron look back at the last 49 episodes of the show. They go through some core security topics and discuss whether they’re still relevant and how they’ve changed in comparison to the evolving threat landscape, and they provide updates on some of the major stories discussed.

This is part 1 of a 2-part episode, with part 2 coming next week.

Key Takeaways:

  • AI-powered tools are a double-edged sword, capable of both beneficial and malicious applications.
  • Botnets and malware continue to be a persistent threat, as attackers adapt and find new ways to circumvent disruptions.
  • Email-based social engineering remains a significant vulnerability, as human nature makes it a difficult problem to solve.
  • Immutability and backups are critical for protecting against ransomware and data loss.
  • Securing cloud-based platforms like Microsoft 365 requires a nuanced approach, as the responsibility is shared between the provider and the customer.
  • Security awareness training can be challenging to implement effectively, requiring a balance between engagement and cost.
  • Navigating the relationship between IT administrators and CISOs is crucial for effective security management.


(00:31) Using ChatGPT to create ransomware – still a relevant and evolving topic

(02:22) How tech pros should handle security news and zero-days

(09:09) The re-emergence of Emotet and the challenges of disrupting botnets

(12:04) The persistent problem of social engineering and email attacks

(13:25) The importance of immutability and backups against ransomware

(16:29) The security of Microsoft 365

(19:35) Deep dive on the QuickBot malware

(20:20) The necessity of advanced threat protection (ATP)

(22:58) Guidance on effective security awareness training

(25:41) Tips for IT admins on working with CISOs

(26:07) Microsoft’s throttling of legacy on-premises Exchange servers

(28:11) Discussing Episodes 12 and 13, recorded live at InfoSecurity Europe, on compliance and security horror stories