Join us to hear stories from the Microsoft Threat Intelligence community as they navigate the ever-evolving threat landscape - uncovering APTs, cybercrime gangs, malware, vulnerabilities, and other weird and cool tools and tactics in the world of cyber threats. Featuring tales of innovation, teamwork, and cyber espionage, tune in to hear in-depth analyses of Microsoft's influence on the threat landscape and behind the scenes stories from the tireless researchers and analysts that take part. This enthralling and insightful podcast is delivered in a casual, conversational style that transports you to the frontlines of cyber defense.
All content for Microsoft Threat Intelligence Podcast is the property of Microsoft and is served directly from their servers
with no modification, redirects, or rehosting. The podcast is not affiliated with or endorsed by Podjoint in any way.
Join us to hear stories from the Microsoft Threat Intelligence community as they navigate the ever-evolving threat landscape - uncovering APTs, cybercrime gangs, malware, vulnerabilities, and other weird and cool tools and tactics in the world of cyber threats. Featuring tales of innovation, teamwork, and cyber espionage, tune in to hear in-depth analyses of Microsoft's influence on the threat landscape and behind the scenes stories from the tireless researchers and analysts that take part. This enthralling and insightful podcast is delivered in a casual, conversational style that transports you to the frontlines of cyber defense.
Whisper Leak: How Threat Actors Can See What You Talk to AI About
Microsoft Threat Intelligence Podcast
47 minutes
2 weeks ago
Whisper Leak: How Threat Actors Can See What You Talk to AI About
In this episode of the Microsoft Threat Intelligence Podcast, host Sherrod DeGrippo is joined by security researchers Geoff McDonald and JBO to discuss Whisper Leak, new research showing that encrypted AI traffic can still unintentionally reveal what a user is asking about through patterns in packet size and timing.
They explain how LLM token streaming enables this kind of side-channel attack, why even well-encrypted conversations can be classified for sensitive topics, and what this means for privacy, national-level surveillance risks, and secure product design. The conversation also walks through how the study was conducted, what patterns emerged across different AI models, and the steps developers should take to mitigate these risks.
In this episode you’ll learn:
Why packet sizes and timing patterns reveal more information than most users realize
How user-experience choices like showing streamed text create a larger attack surface
The difference between classic timing attacks and the new risks uncovered in Whisper Leak
Resources:
View JBO on LinkedIn
View Geoff McDonald on LinkedIn
View Sherrod DeGrippo on LinkedIn
Learn more about Whisper Leak
Related Microsoft Podcasts:
Afternoon Cyber Tea with Ann Johnson
The BlueHat Podcast
Uncovering Hidden Risks
Discover and follow other Microsoft podcasts at microsoft.com/podcasts
Get the latest threat intelligence insights and guidance at Microsoft Security Insider
The Microsoft Threat Intelligence Podcast is produced by Microsoft, Hangar Studios and distributed as part of N2K media network.
Microsoft Threat Intelligence Podcast
Join us to hear stories from the Microsoft Threat Intelligence community as they navigate the ever-evolving threat landscape - uncovering APTs, cybercrime gangs, malware, vulnerabilities, and other weird and cool tools and tactics in the world of cyber threats. Featuring tales of innovation, teamwork, and cyber espionage, tune in to hear in-depth analyses of Microsoft's influence on the threat landscape and behind the scenes stories from the tireless researchers and analysts that take part. This enthralling and insightful podcast is delivered in a casual, conversational style that transports you to the frontlines of cyber defense.
