We found 10 episodes of Security Conversations with the tag “nation-state”.
-
Ep2: A deep-dive on disrupting and exposing nation-state malware ops
June 29th, 2024 | 1 hr 8 mins
apt, google, microsoft, nation-state, polyfill, russia, teamviewer
The 'Three Buddy Problem' Podcast Episode 2: Ryan Naraine, Costin Raiu and Juan Andres Guerrero-Saade go all-in on the discussion around Google Project Zero disrupting counter-terrorism malware operations. A deep dive on disruption vs exposure, the effects of US government sanctions on private mercenary hacking companies, hypocricy and the tricky relationship between malware researchers are the intelligence community, and the lack of 'success stories' from so-called benevolent malware.
We also discuss the implications of the TeamViewer breach by a skilled Russian APT, new Microsoft notifications to Midnight Blizzard victims and share thoughts on the Polyfill.io supply chain compromise.
-
Costin Raiu: The GReAT exit interview
January 15th, 2024 | 1 hr 32 mins
apt research, nation-state, zero-day
Episode sponsors:
- Binarly, the supply chain security experts (https://binarly.io)
- FwHunt (https://fwhunt.run)
Costin Raiu has spent a lifetime in anti-malware research, working on some of the biggest nation-state APT cases in history, including Stuxnet, Duqu, Equation Group, Red October, Turla and Lazarus.
In this exit interview, Costin digs into why he left the GReAT team after 13 years at the helm, ethical questions on exposing certain APT operations, changes in the nation-state malware attribution game, technically impressive APT attacks, and the 'dark spots' where future-thinking APTs are living.
-
Dakota Cary on China's weaponization of software vulnerabilities
September 15th, 2023 | 55 mins 48 secs
apts, atlantic council, china, nation-state
Episode sponsors:
- Binarly (https://binarly.io)
- FwHunt (https://fwhunt.run)
Dakota Cary is a nonresident fellow at the Atlantic Council’s Global China Hub, conducting research on China’s efforts to develop its hacking capabilities, artificial-intelligence and cybersecurity research at Chinese universities, the People’s Liberation Army’s efforts to automate software vulnerability discovery, and new policies to improve China’s cybersecurity-talent pipeline.
In this episode, Cary expands on a new report -- 'Sleight of Hand' -- that delves into the changing legal landscape for vulnerability disclosure in China, the PRC's weaponization of software vulnerabilities, nation state-backed threat actors in China and that infamous Bloomberg 'rice grain' spy chip story.