We found 10 episodes of Security Conversations with the tag “zero-day”.
-
Ep6: After CrowdStrike chaos, should Microsoft kick EDR agents out of Windows kernel?
July 26th, 2024 | 1 hr 16 mins
apt research, crowdstrike, edr, microsoft, nation-state, windows, zero-day
The 'Three Buddy Problem' Podcast Episode 6: As the dust settles on the CrowdStrike incident that blue-screened 8.5 million Windows computers worldwide, we dig into CrowdStrike’s preliminary incident report, the lack of transparency in the update process and the need for more robust testing and validation. We also discuss Microsoft's responsibility to avoid infinite BSOD loops, risks of deploying EDR agents on critical systems, and how an EU settlement is being blamed for EDR vendors having access to the Windows kernel.
Other topics on the show include Mandiant's attribution capabilities, North Korea’s gov-backed hacking teams launching ransomware on hospitals, KnowBe4 hiring a fake North Korean IT worker, and new developments in the NSO Group surveillance-ware lawsuit.
Hosts: Costin Raiu (Art of Noh), Juan Andres Guerrero-Saade (SentinelLabs), Ryan Naraine (SecurityWeek)
-
Ep5: CrowdStrike's faulty update shuts down global networks
July 19th, 2024 | 59 mins 51 secs
apt research, crowdstrike, edr, nation-state, zero-day
The 'Three Buddy Problem' Podcast Episode 5: Hot off the press, we dive into the news of the CrowdStrike software update that caused blue screens on computers worldwide, the resulting chaos and potential connections to the Microsoft 365 outage, the fragility of modern computing and the risks of new software paradigms.
We also discuss the AT&T mega-breach and the ransom paid to delete the stolen data; the challenges of ransomware and the uncertainty surrounding the deletion of stolen data; the FBI gaining access to a password-protected phone, the prices for zero-click exploits; and the resurgence of APT 41 with expanding targets.
Plus, some news on upcoming keynote speakers at LabsCon 2024.
Hosts: Costin Raiu (Art of Noh), Juan Andres Guerrero-Saade (SentinelLabs), Ryan Naraine (SecurityWeek)
-
Costin Raiu: The GReAT exit interview
January 15th, 2024 | 1 hr 32 mins
apt research, nation-state, zero-day
Episode sponsors:
- Binarly, the supply chain security experts (https://binarly.io)
- FwHunt (https://fwhunt.run)
Costin Raiu has spent a lifetime in anti-malware research, working on some of the biggest nation-state APT cases in history, including Stuxnet, Duqu, Equation Group, Red October, Turla and Lazarus.
In this exit interview, Costin digs into why he left the GReAT team after 13 years at the helm, ethical questions on exposing certain APT operations, changes in the nation-state malware attribution game, technically impressive APT attacks, and the 'dark spots' where future-thinking APTs are living.
-
Federico Kirschbaum on a life in the Argentina hacking scene
July 19th, 2023 | 42 mins 1 sec
argentina, core security, ekoparty, exploits, zero-day
Episode sponsors:
- Binarly (https://binarly.io)
- FwHunt (https://fwhunt.run)
Faraday chief executive Federico 'Fede' Kirschbaum joins the show to talk about building a startup in the vulnerability management space, the intricacies of the Argentinian hacking culture, stories of exploit writers and mercenary hackers, and the overwhelming U.S.-centric view of the cybersecurity industry.
-
JAG-S on big-game malware hunting and a very mysterious APT
October 17th, 2022 | 52 mins 40 secs
apts, cyberespionage, exploits, zero-day
- Episode sponsors: Binarly and FwHunt - Protecting devices from emerging firmware and hardware threats using modern artificial intelligence.
SentinelLabs malware hunter Juan Andres Guerrero-Saade (JAG-S) returns to the show to discuss how big-game attribution has changed over the years, the nation-state APT landscape, Mudge and the nightmares facing CISOs, and a mysterious actor named Metador.
-
Project Zero's Maddie Stone on the surge in zero-day discoveries
May 10th, 2022 | 42 mins 10 secs
disclosure, exploits, google, memory safety, project zero, transparency, zero-day
Maddie Stone is a security researcher in Google's Project Zero team. Over the last few years, she has publicly tracked the discovery and disclosure of zero-day malware attacks seen in the wild. On this episode, Maddie joins Ryan to chat about three years of zero-day exploitation data, the nuances around 0day disclosures, the never-ending struggle to mitigate memory corruption attacks and the need for transparency among affected vendors.
-
Google's Shane Huntley on zero-days and the nation-state threat landscape
April 4th, 2022 | 40 mins 44 secs
exploits, google, project zero, pwn2own, zero-day
Director at Google's Threat Analysis Group (TAG) Shane Huntley joins the show and talks about lessons from the 2009 Aurora attacks, the surge in zero-day discoveries, the usefulness of IOCs, North Korean APT operations, private sector mercenary hackers, the expanding nation-state threat actor map, and much more...
-
Costin Raiu on the .gov mobile exploitation business
December 23rd, 2021 | 41 mins 18 secs
android, apple, exploits, ios malware, nso pegasus, psoas, zero-day
Global director of Kaspersky's GReAT research team Costin Raiu returns to the show for an indepth discussion on the mobile surveillance business, the technically impressive FORCEDENTRY iOS exploit, the ethical questions facing exploit developers and the role of venture capitalists in the mobile malware ecosystem.
-
Throwback: Zero-day exploit broker Chaouki Bekrar
March 3rd, 2021 | 24 mins 42 secs
exploit brokers, exploits, pwn2own, vupen, zero-day, zerodium
This is the republication of an interview first conducted in March 2013 with then-VUPEN chief executive Chauki Bekrar. The audio file was lost in several podcast platform transfers and I'm glad to be able to retain this interview for historical purposes.
The recording was conducted in the hallways of the CanSecWest Pwn2Own hacking contest in 2013 where Bekrar's team of hackers demo'd a zero-day attack against Microsoft Internet Explorer 10 on Windows 8, an exploit that bypassed all mitigations including the browser sandbox. We chat about the controversies surrounding the sale of zero-day vulnerabilities and exploits, his company’s business dealings and the work that goes into winning the CanSecWest Pwn2Own hacker contest.
Please excuse the audio quality and background noise.