About the show

The Three Buddy Problem is a popular Security Conversations podcast that goes beyond industry talking points to discuss what others won’t -- nation-state malware, attribution, cyberwar, ethics, privacy, and the messy realities of securing computers and corporate networks.

Hosted by three veteran security pros -- journalist Ryan Naraine and malware paleontologists Costin Raiu and Juan Andres Guerrero-Saade -- the weekly show attracts a highly engaged audience of security researchers, corporate defenders, CISOs, and policymakers.

Connect with Ryan on Twitter (Open DMs).

Episodes

  • Thomas Rid joins the show: AI consciousness, TP-Link's China connection, trust in hardware security

    April 25th, 2025  |  1 hr 33 mins
    apt research, china, nation-state, north korea, spyware, surveillance, zero-day

    Three Buddy Problem - Episode 43: Director of the Alperovitch Institute for Cybersecurity Studies Thomas Rid joins the show for a deep-dive into the philosophical and ethical considerations surrounding AI consciousness and anthropomorphism. We dig into the multifaceted implications of AI technology, particularly focusing on data privacy, national security, and the philosophical questions surrounding AI consciousness and rights.

    Plus, TP-Link under US government investigation and the broader issues of consumer trust in hardware security, the need for regulation and inspectability of technology, and the struggles with patching network devices.

    Cast: Thomas Rid, Juan Andres Guerrero-Saade and Ryan Naraine.

    • Costin Raiu is away this week.
  • China doxxes NSA, CVE's funding crisis, Apple's zero-day troubles

    April 17th, 2025  |  1 hr 39 mins
    apt research, nation-state, surveillance, zero-day

    Three Buddy Problem - Episode 42: We dig into news that China secretly fessed up to the Volt Typhoon hacks and followed up with claims that named NSA agents launched advanced cyberattacks against the Asian Winter Games. Plus, the MITRE CVE funding crisis, new Apple 0days in the wild including a PAC bypass exploit, and Microsoft Patch Tuesday zero-days.

    Plus, the effectiveness of Lockdown Mode, the rising costs of mobile exploits, Chris Krebs' exit from SentinelOne after a presidential executive order, and the value and effectiveness of security clearances.

    Cast: Juan Andres Guerrero-Saade, Costin Raiu and Ryan Naraine.

  • NSA director fired, Ivanti's 0day screw-up, backdoor in robot dogs

    April 4th, 2025  |  1 hr 36 mins
    apt research, nation-state, zero-day

    Three Buddy Problem - Episode 41: Costin and Juanito join the show from Black Hat Asia in Singapore. We discuss Bunnie Huang's keynote on hardware supply chains and a classification system to establish a grounded perspective on trust in hardware, Ivanti's misdiagnosis of a critical VPN appliance flaw and Mandiant reporting on a Chinese APT exploiting Ivanti devices. Plus, breaking news on the sudden firing of NSA director and head of Cyber Command Tim Haugh.

    We also discuss Microsoft touting AI's value in finding open-source bootloader bugs, a Silent Push report on a Russian APT impersonating the CIA, a backdoor in a popular Chinese robot dog, and Chinese dominance of the robotics market.

    Cast: Juan Andres Guerrero-Saade, Costin Raiu and Ryan Naraine.

  • Signalgate and ID management hiccups, PuzzleMaker and Chrome 0days, Lab Dookhtegan returns

    March 28th, 2025  |  1 hr 52 mins
    apt research, nation-state, zero-day

    Three Buddy Problem - Episode 40: On the show this week, we look at the technical deficiencies and opsec concerns around the use of Signal for ultra-sensitive communications. Plus, some speculation on who's behind Kaspersky’s ‘Operation Forum Troll’ report, Chinese discussion on NSA/CIA mobile networks exploitation, and the return of ‘Lab Dookhtegan’ hack-and-leak exposures.

    Cast: Juan Andres Guerrero-Saade, Costin Raiu and Ryan Naraine.

  • China exposing Taiwan hacks, Paragon spyware and WhatsApp exploits, CISA budget cuts

    March 21st, 2025  |  1 hr 56 mins
    apt research, nation-state, zero-day

    Three Buddy Problem - Episode 39: Luta Security CEO Katie Moussouris joins the buddies to parse news around a coordinated Chinese exposure of Taiwan APT actors, CitizenLab's report on Paragon spyware and WhatsApp exploits, an “official” Russian government exploit-buying operation shopping for Telegram exploits, the fragmentation of exploit markets and the future of CISA in the face of budget cuts and layoffs.

    Cast: Katie Moussouris (Luta Security), Juan Andres Guerrero-Saade, Costin Raiu and Ryan Naraine.

  • A half-dozen Microsoft zero-days, Juniper router backdoors, advanced bootkit hunting

    March 14th, 2025  |  2 hrs 5 mins
    apt research, nation-state, zero-day

    Three Buddy Problem - Episode 38: On the show this week, we look at a hefty batch of Microsoft zero-days exploited in the wild, iOS 18.3.2 fixing an exploited WebKit bug, a mysterious Unpatched.ai being credited with Microsoft Access RCE flaws, and OpenAI lobbying for the US to ban China's DeepSeek.

    Plus, discussion on a Binarly technical paper with a new approach to finding UEFI bootkits, Mandiant flagging custom backdoors on Juniper routers, and MEV 'sandwich attacks' front-running cryptocurrency transactions.

    Cast: Ryan Naraine, Costin Raiu and Juan Andres Guerrero-Saade.

  • Revisiting the Lamberts, i-Soon indictments, VMware zero-days

    March 8th, 2025  |  1 hr 39 mins
    apt research, nation-state, zero-day

    Three Buddy Problem - Episode 37: This week, we revisit the public reporting on a US/Russia cyber stand down order, CISA declaring no change to its position on tracking Russian threats, and the high-level diplomatic optics at play.

    Plus, a dissection of ‘The Lamberts’ APT and connections to US intelligence agencies, attribution around ‘Operation Triangulation’ and the lack of recent visibility into these actors. We also discuss a fresh batch of VMware zero-days, China’s i-Soon ‘hackers-for-hire’ indictments, the Pangu/i-Soon connection, and a new wave of Apple threat-intel warnings about mercenary spyware infections.

    Cast: Ryan Naraine, Costin Raiu and Juan Andres Guerrero-Saade.

  • Lazarus ByBit $1.4B heist was supply chain attack on developer

    March 1st, 2025  |  1 hr 53 mins
    apt research, nation-state, zero-day

    Three Buddy Problem - Episode 36: Ryan and Juanito join the show from the RE//verse conference with discussion on Natalie Silvanovich’s keynote on hunting for bugs in mobile messengers, the thrill of looking at exposed attack surfaces and the grueling “losses” bug hunters endure before a breakthrough.

    We also cover the latest on the $1.4 billion ByBit hack pinned on the Lazarus Group and the malicious JavaScript supply chain attack at the center of the cryptocurrency heist. Plus, the ethical gray zones of tethered exploits via Cellebrite, the whiplash of AI-driven threat intel, and the looming pivot in U.S. cyber policy signaling a stand-down on Russia-focused APT ops.

    Cast: Ryan Naraine, Costin Raiu and Juan Andres Guerrero-Saade.

  • North Korea's biggest ever crypto heist: $1.4B stolen from Bybit

    February 23rd, 2025  |  2 hrs 7 mins
    apt research, nation-state, zero-day

    Three Buddy Problem - Episode 35: Juanito is live from DistrictCon with notes on discussion of an elusive iOS zero-day by a company called QuaDream and Apple’s controversial removal of iCloud backup end-to-end encryption in the UK. We also cover a staggering $1.4 billion hack by the Lazarus Group against Bybit, new angles in NSA-linked cyber-espionage against China’s top universities, Chinese hacking gangs moonlighting as ransomware criminals, and Russian APTs abusing Signal’s “linked devices” feature. Plus, Costin explains Microsoft’s quantum computing breakthrough.

    Cast: Ryan Naraine, Costin Raiu and Juan Andres Guerrero-Saade.

  • An 'extremely sophisticated' iPhone hack; Google flags major AMD microcode bug

    February 15th, 2025  |  1 hr 25 mins
    apt research, nation-state, zero-day

    Three Buddy Problem - Episode 34: We dig into the latest exploited Apple iPhone zero-day (USB Restricted Mode bypass), an AMD microcode flaw so serious it’s not being fully disclosed, a barrage of Patch Tuesday updates, the helpless nature of trying to defend corporate networks, Russian threat actor movements, and fresh intel from Rapid7, Volexity, and Microsoft.

    Cast: Ryan Naraine, Costin Raiu and Juan Andres Guerrero-Saade.

  • Unpacking the UK government's secret iCloud backdoor demand

    February 8th, 2025  |  2 hrs 22 mins
    apt research, nation-state, zero-day

    Three Buddy Problem - Episode 33: In this episode, we unpack the UK government's secret push for backdoor access to encrypted iCloud data, Apple’s approach to iCloud encryption, and the broader implications for privacy and security on a global scale. Plus, how security agencies handle zero-day vulnerabilities, surveillance spyware and mercenary hacking, and TikTok-powered election disinformation and interference.

    From wormable exploits like Eternal Blue to the realities of AI-based spying, the episode offers a detailed look into how government oversight, private sector collaboration, and shifting market forces have reshaped the way we think about cybersecurity.

    Cast: Ryan Naraine, Costin Raiu and Juan Andres Guerrero-Saade.

  • Inside the DeepSeek AI existential crisis, Chinese 'backdoor' in medical devices

    January 31st, 2025  |  2 hrs 19 mins
    apt research, nation-state, zero-day

    Three Buddy Problem - Episode 32: In this episode, we rummage through the DeepSeek hype and break down what makes it different from OpenAI’s models, why it’s stirring up existential controversies, and what it means for the broader tech landscape. We get into the privacy concerns, the geo-political implications, how AI models handle data, the ongoing debate over IP theft and innovation, and the challenges that come with a Chinese company shipping an open-source alternative.

    Beyond AI, we dig into some of the latest headlines; from a Chinese ‘backdoor’ in medical devices, problems with CISA’s backdoor bulletin, the risks of insecure IoT, phishing attacks on influencers, and ongoing battles over censorship in the VPN space. We also touch on WhatsApp catching spyware vendor Paragon Solutions and potential shifts in U.S. government policy on commercial mercenary hacking and surveillance companies.

    Cast: Ryan Naraine, Costin Raiu and Juan Andres Guerrero-Saade.