Hamid Kashfi on the situation in Iran; Did cyber cause Venezuela blackouts?

January 9th, 2026  |  2 hrs 13 mins

ai, apt research, cyberespionage, cyberwar, nation-state, ransomware, zero-day

(Presented by Material Security: We protect your company’s most valuable materials -- the emails, files, and accounts that live in your Google Workspace and Microsoft 365 cloud offices).

Three Buddy Problem - Episode 80: Researcher Hamid Kashfi returns to unpack Iran’s latest unrest, separating economic reality from propaganda while examining how information control, cyber pressure, and state surveillance are shaping events on the ground.

Plus, did cyber make the lights go out in Venezuela?

Cast: Hamid Kashfi, Ryan Naraine, Costin Raiu and Juan Andres Guerrero-Saade.

Train brake hack, GRU sanctions, Wagner war crimes, Microsoft's Chinese ‘digital escorts’

July 18th, 2025  |  1 hr 48 mins

apt research, cyberwar, nation-state, zero-day

Three Buddy Problem - Episode 54: Europol busted pro‑Russian hacktivist crew NoName 057(16), the Brits announce sanctions on Russia’s GRU cyber units, Wagner‑linked “war influencers” streamed atrocities from Africa, and fresh tech worries ranged from a $500 RF flaw that can hijack U.S. train brakes.

Plus, ProPublica on Microsoft’s China‑based “digital escorts,” Google’s headline‑grabbing AI‑found SQLite zero‑day, and OpenAI’s new task‑running agents. Meanwhile, Ukraine’s hackers wiped a Russian drone maker, ransomware crippled a major vodka producer, and another Chrome zero‑day quietly underscored how routine critical exploits have become.

Cast: Ryan Naraine, Costin Raiu and Juan Andres Guerrero-Saade.

Israel-Iran cyberwar: Predatory Sparrow, vanishing crypto, destructive bank hacks

June 20th, 2025  |  3 hrs 7 mins

apt research, cryptocurrency, cyberwar, nation-state, zero-day

Three Buddy Problem - Episode 51: Former Immunity/Trail of Bits researcher Hamid Kashfi joins the buddies for a fast-moving tour of cyber activities in the Israel-Iran war. The crew unpacks who 'Predatory Sparrow' is, why Sepah Bank and the Nobitex crypto exchange were hit, and what a $90 million cryptocurrency burn really means. Plus, radar-blinding cyberattacks that paved the way for Israel’s air raid, the human cost of sudden ATM outages and unpaid salaries, and the puzzling “Code Breakers” data leak that preceded it all.

Hamid shares on-the-ground context, the buddies debate whether cyber operations can sway a shooting war, and everyone tries to gauge Iran’s true offensive muscle under sanctions.

Cast: Hamid Kashfi, Costin Raiu, Juan Andres Guerrero-Saade and Ryan Naraine.

Cyber flashpoints in Israel-Iran war, the 'magnet of threats', Mossad drone swarms

June 13th, 2025  |  1 hr 51 mins

apt research, cyberwar, nation-state, zero-day

Three Buddy Problem - Episode 50: This week, we dissect cyber flashpoints in the Iran-Israel war, revisit the “magnet of threats” server in Iran that attracted APTs from multiple nation-states, and react to Israel's Mossad sneaking explosive drone swarms deep into Iran to support airstrikes.

Plus, Stealth Falcon’s new WebDAV zero-day, SentinelOne’s brush with Chinese APTs, Citizen Lab’s forensic takedown of Paragon’s iPhone spyware, and the sneaky Meta/Yandex trick that links Android web browsing to app IDs.

Cast: Costin Raiu, Juan Andres Guerrero-Saade and Ryan Naraine.

Ep7: Crowd2K and the kernel, PKFail supply chain failures, Paris trains sabotage and Russian Olympic attacks

August 2nd, 2024  |  1 hr 10 mins

cyberwar, olympics, pkfail, russia

The 'Three Buddy Problem' Podcast Episode 7: In this episode, we try to close the book on the CrowdStrike Windows BSOD story, Microsoft VP David Weston’s technical documentation and issues around kernel access and OS resilience. We also discuss Binarly’s PKFail research, secure boot bypasses, Dan Geer and tech monoculture, software vendor liability issues and the need for inspectability in security mechanisms.

The conversation explores cyber angles to train service disruptions in Paris, the history of cyber operations targeting the Olympics, the lack of public acknowledgment and attribution of cyber operations by Western intelligence agencies, and the importance of transparency and case studies in understanding and discussing cyber operations.

Hosts: Juan Andres Guerrero-Saade (SentinelLabs), Costin Raiu (Art of Noh), Ryan Naraine (SecurityWeek)