AddGitHub
DISCARDED: Tales From the Threat Research Trenches
DISCARDED: Tales From the Threat Research Trenches
DISCARDED: Tales From the Threat Research Trenches·Jun 23, 2026·52m·Episode #104

From Phishing to Court Cases: How Microsoft Fights Back Against Hackers

Download audioApple PodcastsSpotify

Show notes

Send us fan mail!

Hello to all our Cyber Pals!

Host Selena Larson is joined by Sean Farrell, Assistant General Counsel at Microsoft's Digital Crimes Unit (DCU), to pull back the curtain on how major cyber crime takedowns actually happen and how Microsoft uses civil lawsuits, criminal referrals, and global partnerships to disrupt some of the most damaging cyber crime operations in the world.

They discuss:

  • What DCU does and Sean's path from FBI to AWS to Microsoft
  • How civil claims like the CFAA and RICO are used to seize infrastructure
  • The Fox Tempest takedown and its ties to Rhysida ransomware
  • The global disruption of the Tycoon 2FA phishing-as-a-service operation
  • How targets get chosen, and civil vs. criminal action
  • Why naming victims changes the public narrative on cyber crime
  • Arrests tied to Octo Tempest/Scattered Spider
  • The risks of AI-generated sloppiness in legal and threat intel work

Disrupting cyber crime isn't about ending it for good, it's about raising the cost of doing business until bad actors run out of road.


Resources Mentioned:


https://www.microsoft.com/en-us/corporate-responsibility/customer-security-trust/digital-crimes-unit

https://blogs.microsoft.com/on-the-issues/2026/05/19/disrupting-fox-tempest-a-cybercrime-service/

https://www.proofpoint.com/us/blog/threat-insight/disruption-targets-tycoon-2fa-popular-aitm-phaas



For more information about Proofpoint, check out our website.

 


Subscribe & Follow:

Stay ahead of emerging threats, and subscribe! Happy hunting!


← Previous

Diving Into the DBIR: Vulnerabilities, AI, and Supply Chain