Plus, the FBI’s claim that China’s “Salt Typhoon” has been “contained,” Iran’s Nobitex crypto-exchange breach (Predatory Sparrow torches $90 million and leaks the source code), Iranian cyber capabilities and sanctions avoidance.

Cast: Juan Andres Guerrero-Saade, Ryan Naraine and Costin Raiu.

Links:

• Transcript (unedited, AI-generated)
• Houken: Seeking a path by living on the edge with zero-days
• China-nexus APTs recon on top-tier targets
• French cybersecurity agency confirms government affected by Ivanti hacks
• Top FBI cyber official: Salt Typhoon ‘largely contained’
• Operation Blockbuster (Novetta)
• Israel-Iran cyberwar: Predatory Sparrow, vanishing crypto, bank hacks
• Inside the Nobitex Breach: What the Leaked Source Code Reveals About Iran’s Crypto Infrastructure
• cisagov/thorium

• Binarly (https://binarly.io)
• FwHunt (https://fwhunt.run)

Faraday chief executive Federico 'Fede' Kirschbaum joins the show to talk about building a startup in the vulnerability management space, the intricacies of the Argentinian hacking culture, stories of exploit writers and mercenary hackers, and the overwhelming U.S.-centric view of the cybersecurity industry.

Links:

• Faraday at Black Hat 2023
• Fede on LinkedIn
• Federico Kirschbaum on Twitter
• Ekoparty
• Padding Oracles Everywhere (Rizzo/Duong)

SentinelLabs malware hunter Juan Andres Guerrero-Saade (JAG-S) returns to the show to discuss how big-game attribution has changed over the years, the nation-state APT landscape, Mudge and the nightmares facing CISOs, and a mysterious actor named Metador.

Links:

• Report: The Mystery of Metador
• J. A. Guerrero-Saade on Twitter
• LABScon - Security Research in Real Time
• Researchers Crowdsourcing Effort to Identify Mysterious Metador APT

Links:

• A Year in Review of 0-days Used In-the-Wild in 2021
• Maddie Stone on LinkedIn
• 0day "In the Wild" Spreadsheet
• Maddie Stone on Twitter

Links:

• Shane Huntley on LinkedIn
• Twitter: @ShaneHuntley
• Project Zero: FORCEDENTRY Sandbox Escape
• Google and Operation Aurora
• A walk through Google Project Zero metrics
• Project Zero: 0day "In the Wild" Database

Links:

• Google Says NSO Pegasus Zero-Click 'Most Technically Sophisticated Exploit Ever Seen'
• Project Zero: A deep dive into an NSO zero-click iMessage exploit
• The Million Dollar Dissident: NSO Group's iPhone Zero-Days
• Pegasus vs. Predator: Doubly-Infected iPhone Reveals Cytrox Mercenary Vendor
• Proliferation of Cyber Capabilities in International Arms Markets

The recording was conducted in the hallways of the CanSecWest Pwn2Own hacking contest in 2013 where Bekrar's team of hackers demo'd a zero-day attack against Microsoft Internet Explorer 10 on Windows 8, an exploit that bypassed all mitigations including the browser sandbox. We chat about the controversies surrounding the sale of zero-day vulnerabilities and exploits, his company’s business dealings and the work that goes into winning the CanSecWest Pwn2Own hacker contest.

(Please excuse the audio quality and background chatter, this was recorded with a small handheld device in a noisy room).

Links:

• Dave Weston on Twitter
• David Weston: Hardening with Hardware — In this talk, we will review the metamorphosis and fundamental re-architecture of Windows to take advantage of emerging hardware security capabilities.
• Windows 10 in S mode