web02.fireside.fm Sat, 25 Apr 2026 12:00:55 -0500 Fireside (https://fireside.fm) Three Buddy Problem - Episodes Tagged with “Salt Typhoon” https://securityconversations.fireside.fm/tags/salt%20typhoon Sat, 07 Dec 2024 11:30:00 -0700 The Three Buddy Problem is a popular Security Conversations podcast that goes beyond industry talking points to discuss what others won’t -- nation-state malware, attribution, cyberwar, ethics, privacy, and the messy realities of securing computers and corporate networks. Hosted by three veteran security pros -- journalist Ryan Naraine and malware paleontologists Costin Raiu and Juan Andres Guerrero-Saade -- the weekly show attracts a highly engaged audience of security researchers, corporate defenders, CISOs, and policymakers. <a href="https://twitter.com/ryanaraine">Connect with Ryan on Twitter</a> (Open DMs). en-us episodic A Security Conversations podcast Security Conversations The Three Buddy Problem is a popular Security Conversations podcast that goes beyond industry talking points to discuss what others won’t -- nation-state malware, attribution, cyberwar, ethics, privacy, and the messy realities of securing computers and corporate networks. Hosted by three veteran security pros -- journalist Ryan Naraine and malware paleontologists Costin Raiu and Juan Andres Guerrero-Saade -- the weekly show attracts a highly engaged audience of security researchers, corporate defenders, CISOs, and policymakers. <a href="https://twitter.com/ryanaraine">Connect with Ryan on Twitter</a> (Open DMs). no cybersecurity, ciso, infosec, security, hacking, information security, research Security Conversations naraine@gmail.com Inside the Turla Playbook: Hijacking APTs and fourth-party espionage http://securityconversations.fireside.fm/inside-turla-playbook-hijacking-apt-fourth-party-collection af6d806f-6e02-4b8a-b12c-ed94b0f61215 Sat, 07 Dec 2024 11:30:00 -0700 Security Conversations full Security Conversations Three Buddy Problem Episode 24: In this episode, we dig into Lumen/Microsoft’s revelations on Russia's Turla APT stealing from a Pakistani APT, and issues around fourth-party espionage and problems with threat actor attribution. We also discuss Citizen Lab’s findings on Monokle-like spyware implanted by Russian authorities, the slow pace of Salt Typhoon disinfection, the Solana web3.js supply chain attack affecting crypto projects, and the Romanian election crisis over Russian interference via TikTok. Cast: Juan Andres Guerrero-Saade, Costin Raiu, Ryan Naraine. 1:47:08 no Three Buddy Problem - Episode 24: In this episode, we did into Lumen/Microsoft’s revelations on Russia's Turla APT stealing from a Pakistani APT, and issues around fourth-party espionage and problems with threat actor attribution. We also discuss Citizen Lab’s findings on Monokle-like spyware implanted by Russian authorities, the slow pace of Salt Typhoon disinfection, the Solana web3.js supply chain attack affecting crypto projects, and the Romanian election crisis over Russian interference via TikTok. Cast: Juan Andres Guerrero-Saade (https://twitter.com/juanandres_gs), Costin Raiu (https://twitter.com/craiu)and Ryan Naraine (https://twitter.com/ryanaraine). Monokle, Salt Typhoon, Turla, Solana, spyware, cyberespionage, ransomware, crypto, hacking, surveillance, encryption, regulations, elections, drones, cybersecurity Three Buddy Problem - Episode 24: In this episode, we did into Lumen/Microsoft’s revelations on Russia's Turla APT stealing from a Pakistani APT, and issues around fourth-party espionage and problems with threat actor attribution. We also discuss Citizen Lab’s findings on Monokle-like spyware implanted by Russian authorities, the slow pace of Salt Typhoon disinfection, the Solana web3.js supply chain attack affecting crypto projects, and the Romanian election crisis over Russian interference via TikTok.

Cast: Juan Andres Guerrero-Saade, Costin Raiuand Ryan Naraine.

Links:

]]> Three Buddy Problem - Episode 24: In this episode, we did into Lumen/Microsoft’s revelations on Russia's Turla APT stealing from a Pakistani APT, and issues around fourth-party espionage and problems with threat actor attribution. We also discuss Citizen Lab’s findings on Monokle-like spyware implanted by Russian authorities, the slow pace of Salt Typhoon disinfection, the Solana web3.js supply chain attack affecting crypto projects, and the Romanian election crisis over Russian interference via TikTok.

Cast: Juan Andres Guerrero-Saade, Costin Raiuand Ryan Naraine.

Links:

]]> Typhoons and Blizzards: Cyberespionage and national security on front burner http://securityconversations.fireside.fm/tbp-ep16 b270f0b1-359a-43e1-b218-7b1329f43093 Fri, 11 Oct 2024 13:00:00 -0700 Security Conversations full Security Conversations Three Buddy Problem Episode 16: We break down the new GCHQ advisory on the history and tactics of Russia’s APT29, the challenges of tracking and defending against these sophisticated espionage programs, the mysterious Salt Typhoon intrusions, the absence of technical indicators (IOCs), the risks of supply chain attacks. We also touch on the surge in zero-day discoveries, the nonstop flow of exploited Ivanti security bugs, and why the CSRB should investigate these network edge device and appliance vendors. Cast: Juan Andres Guerrero-Saade (SentinelLabs), Costin Raiu (Art of Noh) and Ryan Naraine (SecurityWeek). 1:09:09 no Three Buddy Problem - Episode 16: We break down the new GCHQ advisory on the history and tactics of Russia’s APT29, the challenges of tracking and defending against these sophisticated espionage programs, the mysterious Salt Typhoon intrusions, the absence of technical indicators (IOCs), the risks of supply chain attacks. We also touch on the surge in zero-day discoveries, the nonstop flow of exploited Ivanti security bugs, and why the CSRB should investigate these network edge device and appliance vendors. Cast: Juan Andres Guerrero-Saade (https://twitter.com/juanandres_gs) (SentinelLabs), Costin Raiu (https://twitter.com/craiu) (Art of Noh) and Ryan Naraine (https://twitter.com/ryanaraine) (SecurityWeek). Cybersecurity Threats, APT29 Cyber Attacks, Salt Typhoon Hacks, Espionage and Cyber Warfare, National Security Risks, SVR cyber threat, APT29 tactics, Russia cyber espionage, Chinese cyber actors, Salt Typhoon vulnerability, Microsoft Teams exploitation, JetBrains TeamCity vulnerability, Supply chain cyber attack, National security cyber risks, Cyber threat indicators Three Buddy Problem - Episode 16: We break down the new GCHQ advisory on the history and tactics of Russia’s APT29, the challenges of tracking and defending against these sophisticated espionage programs, the mysterious Salt Typhoon intrusions, the absence of technical indicators (IOCs), the risks of supply chain attacks. We also touch on the surge in zero-day discoveries, the nonstop flow of exploited Ivanti security bugs, and why the CSRB should investigate these network edge device and appliance vendors.

Cast: Juan Andres Guerrero-Saade (SentinelLabs), Costin Raiu (Art of Noh) and Ryan Naraine (SecurityWeek).

Links:

]]> Three Buddy Problem - Episode 16: We break down the new GCHQ advisory on the history and tactics of Russia’s APT29, the challenges of tracking and defending against these sophisticated espionage programs, the mysterious Salt Typhoon intrusions, the absence of technical indicators (IOCs), the risks of supply chain attacks. We also touch on the surge in zero-day discoveries, the nonstop flow of exploited Ivanti security bugs, and why the CSRB should investigate these network edge device and appliance vendors.

Cast: Juan Andres Guerrero-Saade (SentinelLabs), Costin Raiu (Art of Noh) and Ryan Naraine (SecurityWeek).

Links:

]]>