Displaying all 3 Episode of Three Buddy Problem with the tag “cyberwar”.
-
Israel-Iran cyberwar: Predatory Sparrow, vanishing crypto, destructive bank hacks
June 20th, 2025 | 3 hrs 7 mins
apt research, cryptocurrency, cyberwar, nation-state, zero-day
Three Buddy Problem - Episode 51: Former Immunity/Trail of Bits researcher Hamid Kashfi joins the buddies for a fast-moving tour of cyber activities in the Israel-Iran war. The crew unpacks who 'Predatory Sparrow' is, why Sepah Bank and the Nobitex crypto exchange were hit, and what a $90 million cryptocurrency burn really means. Plus, radar-blinding cyberattacks that paved the way for Israel’s air raid, the human cost of sudden ATM outages and unpaid salaries, and the puzzling “Code Breakers” data leak that preceded it all.
Hamid shares on-the-ground context, the buddies debate whether cyber operations can sway a shooting war, and everyone tries to gauge Iran’s true offensive muscle under sanctions.
Cast: Hamid Kashfi, Costin Raiu, Juan Andres Guerrero-Saade and Ryan Naraine.
-
Cyber flashpoints in Israel-Iran war, the 'magnet of threats', Mossad drone swarms
June 13th, 2025 | 1 hr 51 mins
apt research, cyberwar, nation-state, zero-day
Three Buddy Problem - Episode 50: This week, we dissect cyber flashpoints in the Iran-Israel war, revisit the “magnet of threats” server in Iran that attracted APTs from multiple nation-states, and react to Israel's Mossad sneaking explosive drone swarms deep into Iran to support airstrikes.
Plus, Stealth Falcon’s new WebDAV zero-day, SentinelOne’s brush with Chinese APTs, Citizen Lab’s forensic takedown of Paragon’s iPhone spyware, and the sneaky Meta/Yandex trick that links Android web browsing to app IDs.
Cast: Costin Raiu, Juan Andres Guerrero-Saade and Ryan Naraine.
-
Ep7: Crowd2K and the kernel, PKFail supply chain failures, Paris trains sabotage and Russian Olympic attacks
August 2nd, 2024 | 1 hr 10 mins
cyberwar, olympics, pkfail, russia
The 'Three Buddy Problem' Podcast Episode 7: In this episode, we try to close the book on the CrowdStrike Windows BSOD story, Microsoft VP David Weston’s technical documentation and issues around kernel access and OS resilience. We also discuss Binarly’s PKFail research, secure boot bypasses, Dan Geer and tech monoculture, software vendor liability issues and the need for inspectability in security mechanisms.
The conversation explores cyber angles to train service disruptions in Paris, the history of cyber operations targeting the Olympics, the lack of public acknowledgment and attribution of cyber operations by Western intelligence agencies, and the importance of transparency and case studies in understanding and discussing cyber operations.
Hosts: Juan Andres Guerrero-Saade (SentinelLabs), Costin Raiu (Art of Noh), Ryan Naraine (SecurityWeek)