Inside the Turla Playbook: Hijacking APTs and fourth-party espionage

Three Buddy Problem - Episode 24: In this episode, we did into Lumen/Microsoft’s revelations on Russia's Turla APT stealing from a Pakistani APT, and issues around fourth-party espionage and problems with threat actor attribution. We also discuss Citizen Lab’s findings on Monokle-like spyware implanted by Russian authorities, the slow pace of Salt Typhoon disinfection, the Solana web3.js supply chain attack affecting crypto projects, and the Romanian election crisis over Russian interference via TikTok.

Cast: Juan Andres Guerrero-Saade, Costin Raiuand Ryan Naraine.

• Transcript (unedited, AI-generated)
• Russian APT Turla Caught Stealing From Pakistani APT
• Snowblind: The Invisible Hand of Secret Blizzard
• Microsoft: Secret Blizzard compromising Storm-0156 infrastructure for espionage | Microsoft Security Blog
• EpicTurla.com
• Device Confiscated by Russian Authorities Returned with Monokle-Type Spyware
• Lookout Security research paper on Monokle spyware
• Parubets: How a programmer foiled his own FSB recruitment
• CISA/FBI guidance to repel Salt Typhoon
• US officials say they still have not expelled Chinese telco hackers
• Solana backdoored in supply chain hack
• Romania's top court annuls first round of presidential vote won by far-right candidate