web01.fireside.fm Mon, 20 Apr 2026 18:11:22 -0500 Fireside (https://fireside.fm) Three Buddy Problem - Episodes Tagged with “Apt” https://securityconversations.fireside.fm/tags/apt Sat, 29 Jun 2024 11:00:00 -0700 The Three Buddy Problem is a popular Security Conversations podcast that goes beyond industry talking points to discuss what others won’t -- nation-state malware, attribution, cyberwar, ethics, privacy, and the messy realities of securing computers and corporate networks. Hosted by three veteran security pros -- journalist Ryan Naraine and malware paleontologists Costin Raiu and Juan Andres Guerrero-Saade -- the weekly show attracts a highly engaged audience of security researchers, corporate defenders, CISOs, and policymakers. <a href="https://twitter.com/ryanaraine">Connect with Ryan on Twitter</a> (Open DMs). en-us episodic A Security Conversations podcast Security Conversations The Three Buddy Problem is a popular Security Conversations podcast that goes beyond industry talking points to discuss what others won’t -- nation-state malware, attribution, cyberwar, ethics, privacy, and the messy realities of securing computers and corporate networks. Hosted by three veteran security pros -- journalist Ryan Naraine and malware paleontologists Costin Raiu and Juan Andres Guerrero-Saade -- the weekly show attracts a highly engaged audience of security researchers, corporate defenders, CISOs, and policymakers. <a href="https://twitter.com/ryanaraine">Connect with Ryan on Twitter</a> (Open DMs). no cybersecurity, ciso, infosec, security, hacking, information security, research Security Conversations naraine@gmail.com Ep2: A deep-dive on disrupting and exposing nation-state malware ops http://securityconversations.fireside.fm/tbp-ep2 4a6fe671-fe7a-4699-ae08-fe99fd11f49f Sat, 29 Jun 2024 11:00:00 -0700 Security Conversations full Security Conversations The 'Three Buddy Problem' Podcast Episode 2: Ryan Naraine, Costin Raiu and Juan Andres Guerrero-Saade go all-in on the discussion around Google Project Zero disrupting counter-terrorism malware operations. A deep dive on disruption vs exposure, the effects of US government sanctions on private mercenary hacking companies, hypocricy and the tricky relationship between malware researchers are the intelligence community, and the lack of 'success stories' from so-called benevolent malware. We also discuss the implications of the TeamViewer breach by a skilled Russian APT, new Microsoft notifications to Midnight Blizzard victims and share thoughts on the Polyfill.io supply chain compromise. 1:08:42 no The 'Three Buddy Problem' Podcast Episode 2: Ryan Naraine, Costin Raiu and Juan Andres Guerrero-Saade go all-in on the discussion around Google Project Zero disrupting counter-terrorism malware operations. A deep dive on disruption vs exposure, the effects of US government sanctions on private mercenary hacking companies, hypocricy and the tricky relationship between malware researchers are the intelligence community, and the lack of 'success stories' from so-called benevolent malware. We also discuss the implications of the TeamViewer breach by a skilled Russian APT, new Microsoft notifications to Midnight Blizzard victims and share thoughts on the Polyfill.io supply chain compromise. google project zero, disrupting nation-state operations, mercenary hacking, teamviewer breach, Polyfill supply chain The 'Three Buddy Problem' Podcast Episode 2: Ryan Naraine, Costin Raiu and Juan Andres Guerrero-Saade go all-in on the discussion around Google Project Zero disrupting counter-terrorism malware operations.

A deep dive on disruption vs exposure, the effects of US government sanctions on private mercenary hacking companies, hypocricy and the tricky relationship between malware researchers are the intelligence community, and the lack of 'success stories' from so-called benevolent malware.

We also discuss the implications of the TeamViewer breach by a skilled Russian APT, new Microsoft notifications to Midnight Blizzard victims and share thoughts on the Polyfill.io supply chain compromise.

Links:

]]> The 'Three Buddy Problem' Podcast Episode 2: Ryan Naraine, Costin Raiu and Juan Andres Guerrero-Saade go all-in on the discussion around Google Project Zero disrupting counter-terrorism malware operations.

A deep dive on disruption vs exposure, the effects of US government sanctions on private mercenary hacking companies, hypocricy and the tricky relationship between malware researchers are the intelligence community, and the lack of 'success stories' from so-called benevolent malware.

We also discuss the implications of the TeamViewer breach by a skilled Russian APT, new Microsoft notifications to Midnight Blizzard victims and share thoughts on the Polyfill.io supply chain compromise.

Links:

]]> Costin Raiu joins the XZ Utils backdoor investigation http://securityconversations.fireside.fm/costin-raiu-xz-backdoor f664c77a-dbbc-41a0-b392-7b4cd7223523 Fri, 05 Apr 2024 12:00:00 -0700 Security Conversations full Security Conversations Episode sponsors: - Binarly, the supply chain security experts (https://binarly.io) - XZ.fail backdoor detector (https://xz.fail) Malware paleontologist Costin Raiu returns for an emergency episode on the XZ Utils software supply chain backdoor. We dig into the timeline of the attack, the characteristics of the backdoor, affected Linux distributions, and the reasons why 'Tia Jan' is the handiwork of a cunning nation-state. Based on all the clues available, Costin pinpoints three main suspects -- North Korea's Lazarus, China's APT41 or Russia's APT29 -- and warns that there are more of these backdoors lurking in modern software supply chains. 51:33 no Episode sponsors: Binarly, the supply chain security experts (https://binarly.io) XZ.fail backdoor detector (https://xz.fail) Malware paleontologist Costin Raiu returns for an emergency episode on the XZ Utils software supply chain backdoor. We dig into the timeline of the attack, the characteristics of the backdoor, affected Linux distributions, and the reasons why 'Tia Jan' is the handiwork of a cunning nation-state. Based on all the clues available, Costin pinpoints three main suspects -- North Korea's Lazarus, China's APT41 or Russia's APT29 -- and warns that there are more of these backdoors lurking in modern software supply chains. XZ Utils, APT, Stuxnet, SolarWinds, Lazarus, APT29 Episode sponsors:

Malware paleontologist Costin Raiu returns for an emergency episode on the XZ Utils software supply chain backdoor. We dig into the timeline of the attack, the characteristics of the backdoor, affected Linux distributions, and the reasons why 'Tia Jan' is the handiwork of a cunning nation-state.

Based on all the clues available, Costin pinpoints three main suspects -- North Korea's Lazarus, China's APT41 or Russia's APT29 -- and warns that there are more of these backdoors lurking in modern software supply chains.

Links:

]]> Episode sponsors:

Malware paleontologist Costin Raiu returns for an emergency episode on the XZ Utils software supply chain backdoor. We dig into the timeline of the attack, the characteristics of the backdoor, affected Linux distributions, and the reasons why 'Tia Jan' is the handiwork of a cunning nation-state.

Based on all the clues available, Costin pinpoints three main suspects -- North Korea's Lazarus, China's APT41 or Russia's APT29 -- and warns that there are more of these backdoors lurking in modern software supply chains.

Links:

]]> Patrick Howell O'Neill, Cybersecurity Editor, MIT Technology Review http://securityconversations.fireside.fm/patrick-howell-oneill-mit-tech-review 02fc5a7f-d41b-434f-a25d-5f6c0a046dbc Tue, 30 Mar 2021 01:00:00 -0700 Security Conversations full Security Conversations Patrick Howell O’Neill is the cybersecurity senior editor for MIT Technology Review. In this out-of-band episode of the show, Patrick joins Ryan to discuss his latest scoop on Google Project Zero's visibility into malware used in a Western .gov counter-terrorism operation, the tricky nature of attributing nation-state backed attacks, Apple's iOS becoming a hot target and the controversies surrounding all of these conversations. [Follow Patrick on Twitter](https://twitter.com/howelloneill). 25:52 no Patrick Howell O’Neill is the cybersecurity senior editor for MIT Technology Review. In this out-of-band episode of the show, Patrick joins Ryan to discuss his latest scoop (https://securityconversations.com/on-disrupting-gov-malware-attacks/) on Google Project Zero's visibility into malware used in a Western .gov counter-terrorism operation, the tricky nature of attributing nation-state backed attacks, Apple's iOS becoming a hot target and the controversies surrounding all of these conversations. Follow Patrick on Twitter (https://twitter.com/howelloneill). journalism, story-telling, google, project zero, APT, nation-state malware, attribution Patrick Howell O’Neill is the cybersecurity senior editor for MIT Technology Review. In this out-of-band episode of the show, Patrick joins Ryan to discuss his latest scoop on Google Project Zero's visibility into malware used in a Western .gov counter-terrorism operation, the tricky nature of attributing nation-state backed attacks, Apple's iOS becoming a hot target and the controversies surrounding all of these conversations. Follow Patrick on Twitter.

]]> Patrick Howell O’Neill is the cybersecurity senior editor for MIT Technology Review. In this out-of-band episode of the show, Patrick joins Ryan to discuss his latest scoop on Google Project Zero's visibility into malware used in a Western .gov counter-terrorism operation, the tricky nature of attributing nation-state backed attacks, Apple's iOS becoming a hot target and the controversies surrounding all of these conversations. Follow Patrick on Twitter.

]]> Costin Raiu, Global Director, GReAT, Kaspersky Lab http://securityconversations.fireside.fm/costin-raiu-great c49758d1-bc1a-43d5-8eee-5f91c6d7021f Mon, 03 Sep 2018 04:00:00 -0700 Security Conversations full Security Conversations Veteran malware hunter Costin Raiu talks about writing his own an anti-virus program as a teenager in Romania, his work tracking advanced threat actors globally, and why he assumes his computer is compromised by at least three APT groups. 51:21 no Veteran malware hunter Costin Raiu talks about writing his own an anti-virus program as a teenager in Romania, his work tracking advanced threat actors globally, and why he assumes his computer is compromised by at least three APT groups. cybersecurity, CISOs, securityawareness, threatintel, APT, SOC, remediation Veteran malware hunter Costin Raiu talks about writing his own an anti-virus program as a teenager in Romania, his work tracking advanced threat actors globally, and why he assumes his computer is compromised by at least three APT groups.

Links:

]]> Veteran malware hunter Costin Raiu talks about writing his own an anti-virus program as a teenager in Romania, his work tracking advanced threat actors globally, and why he assumes his computer is compromised by at least three APT groups.

Links:

]]> Juan Andrés Guerrero-Saade, Principal Security Researcher, Recorded Future http://securityconversations.fireside.fm/juan-andres-guerrero-saade-recorded-future https://securityconversations.com/?post_type=podcast&p=499 Mon, 14 May 2018 13:00:00 -0700 Security Conversations full Security Conversations Principal Security Researcher at Recorded Futures Insikt Group, Juan Andrés Guerrero-Saade, explains the nuances of good threat intelligence, sheds light on nation-state hacker activity and warns that adversaries don't have to be sophisticated to launch successful attacks. 1:01:24 no <p>Principal Security Researcher at Recorded Future’s Insikt Group, Juan Andrés Guerrero-Saade (<a href="https://twitter.com/juanandres_gs">juanandres_gs</a>), explains the nuances of good threat intelligence, sheds light on nation-state hacker activity and warns that adversaries don’t have to be “sophisticated” to launch successful attacks.</p> <p> </p> <a href="https://securityconversations.com/wp-content/uploads/2018/05/juan_andres_guerrero_saade.mp3">https://securityconversations.com/wp-content/uploads/2018/05/juan_andres_guerrero_saade.mp3</a> Principal Security Researcher at Recorded Future’s Insikt Group, Juan Andrés Guerrero-Saade (juanandres_gs), explains the nuances of good threat intelligence, sheds light on nation-state hacker activity and warns that adversaries don’t have to be “sophisticated” to launch successful attacks.

 

]]> Principal Security Researcher at Recorded Future’s Insikt Group, Juan Andrés Guerrero-Saade (juanandres_gs), explains the nuances of good threat intelligence, sheds light on nation-state hacker activity and warns that adversaries don’t have to be “sophisticated” to launch successful attacks.

 

]]> Robert M. Lee, Chief Executive Officer, Dragos Inc. http://securityconversations.fireside.fm/robert-m-lee-dragos https://securityconversations.com/?post_type=podcast&p=488 Thu, 10 May 2018 12:00:00 -0700 Security Conversations full Security Conversations The founder and CEO of Dragos, Inc. Robert M. Lee cuts through the hype around threats to critical infrastructure and offers a matter-of-fact take on active defense, “hacking-back,” and nation-state espionage operations. 54:44 no <p>The founder and CEO of Dragos, Inc. Robert M. Lee (<a href="https://twitter.com/RobertMLee">RobertMLee</a>) cuts through the hype around threats to critical infrastructure and offers a matter-of-fact take on active defense, “hacking-back,” and nation-state espionage operations.</p> <p> </p> <a href="https://securityconversations.com/wp-content/uploads/2018/05/ep28-robert-m-lee.mp3">https://securityconversations.com/wp-content/uploads/2018/05/ep28-robert-m-lee.mp3</a> The founder and CEO of Dragos, Inc. Robert M. Lee (RobertMLee) cuts through the hype around threats to critical infrastructure and offers a matter-of-fact take on active defense, “hacking-back,” and nation-state espionage operations.

 

]]> The founder and CEO of Dragos, Inc. Robert M. Lee (RobertMLee) cuts through the hype around threats to critical infrastructure and offers a matter-of-fact take on active defense, “hacking-back,” and nation-state espionage operations.

 

]]> Tim Maurer, Scholar, Carnegie Endowment for International Peace http://securityconversations.fireside.fm/tim-maurer-carnegie-endowment-for-international-peace 4cddd571-1e73-4625-acb1-321bb47e706f Mon, 05 Mar 2018 15:00:00 -0700 Security Conversations full Security Conversations Tim Maurer, a scholar at the Carnegie Endowment for International Peace, talks about nation state-backed hacking activity and the dangers of breaking trust in the global financial system. 32:31 no Tim Maurer, a scholar at the Carnegie Endowment for International Peace, talks about nation state-backed hacking activity and the dangers of breaking trust in the global financial system. cybersecurity, CISOs, securityawareness, threatintel, APT Tim Maurer, a scholar at the Carnegie Endowment for International Peace, talks about nation state-backed hacking activity and the dangers of breaking trust in the global financial system.

Links:

  • Tim Maurer - Carnegie Endowment for International Peace — Tim Maurer is the co-director of the Cyber Policy Initiative and a fellow at the Carnegie Endowment for International Peace. Since 2010, his work has been focusing on cybersecurity, human rights in the digital age, and Internet governance, currently with a specific focus on cybersecurity and financial stability.
  • Tim Maurer on Twitter
  • Cyber Mercenaries: The State, Hackers, and Power — Cyber Mercenaries explores the secretive relationships between states and hackers. As cyberspace has emerged as the new frontier for geopolitics, states have become entrepreneurial in their sponsorship, deployment, and exploitation of hackers as proxies to project power. Such modern-day mercenaries and privateers can impose significant harm undermining global security, stability, and human rights.
]]> Tim Maurer, a scholar at the Carnegie Endowment for International Peace, talks about nation state-backed hacking activity and the dangers of breaking trust in the global financial system.

Links:

  • Tim Maurer - Carnegie Endowment for International Peace — Tim Maurer is the co-director of the Cyber Policy Initiative and a fellow at the Carnegie Endowment for International Peace. Since 2010, his work has been focusing on cybersecurity, human rights in the digital age, and Internet governance, currently with a specific focus on cybersecurity and financial stability.
  • Tim Maurer on Twitter
  • Cyber Mercenaries: The State, Hackers, and Power — Cyber Mercenaries explores the secretive relationships between states and hackers. As cyberspace has emerged as the new frontier for geopolitics, states have become entrepreneurial in their sponsorship, deployment, and exploitation of hackers as proxies to project power. Such modern-day mercenaries and privateers can impose significant harm undermining global security, stability, and human rights.
]]> Christopher Ahlberg, CEO, Recorded Future http://securityconversations.fireside.fm/christopher-ahlberg-recorded-future 6fc1d3cb-e930-484f-84e6-8c521ddb9e97 Tue, 30 Jan 2018 14:00:00 -0700 Security Conversations full Security Conversations Co-founder and CEO of Recorded Future Christopher Ahlberg discusses the emergence of threat intelligence as a valuable security tool, the morals and ethics surrounding disclosure of nation-state attacks and the importance of tracking adversaries beyond the wall. 29:03 no Co-founder and CEO of Recorded Future Christopher Ahlberg discusses the emergence of threat intelligence as a valuable security tool, the morals and ethics surrounding disclosure of nation-state attacks and the importance of tracking adversaries beyond the wall. cybersecurity, CISOs, securityawareness, threatintel, APT Co-founder and CEO of Recorded Future Christopher Ahlberg discusses the emergence of threat intelligence as a valuable security tool, the morals and ethics surrounding disclosure of nation-state attacks and the importance of tracking adversaries beyond the wall.

Links:

]]> Co-founder and CEO of Recorded Future Christopher Ahlberg discusses the emergence of threat intelligence as a valuable security tool, the morals and ethics surrounding disclosure of nation-state attacks and the importance of tracking adversaries beyond the wall.

Links:

]]> Kim Zetter, Journalist and Author http://securityconversations.fireside.fm/kim-zetter bf98d79b-204e-4a5f-9418-75c5b554a26e Fri, 29 Dec 2017 13:00:00 -0700 Security Conversations full Security Conversations Award-winning security journalist and author Kim Zetter talks about her work tracking cyber-espionage campaigns, why she uses an old school cassette player to record sensitive interviews and the dramatic changes sweeping the security industry. 52:06 no Award-winning security journalist and author Kim Zetter talks about her work tracking cyber-espionage campaigns, why she uses an old school cassette player to record sensitive interviews and the dramatic changes sweeping the security industry. cybersecurity, CISOs, securityawareness, threatintel, APT Award-winning security journalist and author Kim Zetter talks about her work tracking cyber-espionage campaigns, why she uses an old school cassette player to record sensitive interviews and the dramatic changes sweeping the security industry.

Links:

]]> Award-winning security journalist and author Kim Zetter talks about her work tracking cyber-espionage campaigns, why she uses an old school cassette player to record sensitive interviews and the dramatic changes sweeping the security industry.

Links:

]]>