Displaying Episode 61 - 70 of 73 in total of Three Buddy Problem with the tag “zero-day”.
-
Ep11: Cyberwarfare takes an ominous turn
September 6th, 2024 | 1 hr 15 mins
china, cisa, doppelganger, gru, influence operations, north korea, russia, skills shortage, skripal, south korea, unit 29155, yara, zero-day
Three Buddy Problem - Episode 11: Russia's notorious GRU Unit 29155 (previously tied to assassinations, poisonings and coup attempts) now blamed for destructive cyberattacks for sabotage; FBI and DOJ take down 'Doppelganger' network spreading Russian propaganda; CISA's budget, staff, advisories and YARA rules; Influence Operations 2.0; prolific Chinese hackers and global bug-disclosure implications; North Korean hacking capabilities and 0day expertise.
Cast: Juan Andres Guerrero-Saade (SentinelLabs), Costin Raiu (Art of Noh), Ryan Naraine (SecurityWeek)
-
Ep10: Volt Typhoon zero-day, Russia's APT29 reusing spyware exploits, Pavel Durov's arrest
August 30th, 2024 | 1 hr 18 mins
apt research, nation-state, ransomware, volt typhoon, zero-day
Three Buddy Problem - Episode 10 -- Top stories this week: Volt Typhoon zero-day exploitation of Versa Director servers, Chinese APT building botnets with EOL routers, the gap in security solutions for network devices and appliances, Russia's APT29 (Midnight Blizzard) caught reusing exploits from NSO Group and Intellexa, Microsoft’s upcoming Windows endpoint security summit in response to the CrowdStrike incident, and the arrest of Telegram’s Pavel Durov in France. Plus, the NSA is launching a podcast.
Hosts: Juan Andres Guerrero-Saade (SentinelLabs), Costin Raiu (Art of Noh), Ryan Naraine (SecurityWeek)
-
Ep9: The blurring lines between nation-state APTs and the ransomware epidemic
August 23rd, 2024 | 1 hr 6 mins
apt research, attribution, china, nation-state, ransomware, taiwan, xiaomi, zero-day
The 'Three Buddy Problem' Podcast Episode 9: On this episode, we look at the hacking scene in Taiwan, the sad state of visibility into big malware campaigns, the absence of APTs linked to the prolific MIVD Dutch intelligence agency, the blurring lines between big ransomware heists and nation-state actors caught using ransomware as a tool for sabotage and misattribution.
Plus, Chinese mobile OS vendor Xiaoimi caught disabling parts of its infrastructure -- including its global app store -- to thwart Pwn2Own contestants; and news of an addition to the LABScon 2024 keynote stage.
Hosts: Juan Andres Guerrero-Saade (SentinelLabs), Costin Raiu (Art of Noh), Ryan Naraine (SecurityWeek)
-
Ep8: Microsoft's zero-days and a wormable Windows TCP/IP flaw known to China
August 17th, 2024 | 1 hr 17 mins
apt research, nation-state, zero-day
The 'Three Buddy Problem' Podcast Episode 8: This week’s show digs into Microsoft’s in-the-wild zero-day woes, Patch Tuesday and the absence of IOCs, a wormable Windows TCP/IP flaw that the Chinese government knew about for months, Iran’s aggressive hacking US election targets, CrowdStrike v Qihoo360 and major problems with APT naming conventions.
Hosts: Juan Andres Guerrero-Saade (SentinelLabs), Costin Raiu (Art of Noh), Ryan Naraine (SecurityWeek)
-
Ep6: After CrowdStrike chaos, should Microsoft kick EDR agents out of Windows kernel?
July 26th, 2024 | 1 hr 16 mins
apt research, crowdstrike, edr, microsoft, nation-state, windows, zero-day
The 'Three Buddy Problem' Podcast Episode 6: As the dust settles on the CrowdStrike incident that blue-screened 8.5 million Windows computers worldwide, we dig into CrowdStrike’s preliminary incident report, the lack of transparency in the update process and the need for more robust testing and validation. We also discuss Microsoft's responsibility to avoid infinite BSOD loops, risks of deploying EDR agents on critical systems, and how an EU settlement is being blamed for EDR vendors having access to the Windows kernel.
Other topics on the show include Mandiant's attribution capabilities, North Korea’s gov-backed hacking teams launching ransomware on hospitals, KnowBe4 hiring a fake North Korean IT worker, and new developments in the NSO Group surveillance-ware lawsuit.
Hosts: Costin Raiu (Art of Noh), Juan Andres Guerrero-Saade (SentinelLabs), Ryan Naraine (SecurityWeek)
-
Ep5: CrowdStrike's faulty update shuts down global networks
July 19th, 2024 | 59 mins 51 secs
apt research, crowdstrike, edr, nation-state, zero-day
The 'Three Buddy Problem' Podcast Episode 5: Hot off the press, we dive into the news of the CrowdStrike software update that caused blue screens on computers worldwide, the resulting chaos and potential connections to the Microsoft 365 outage, the fragility of modern computing and the risks of new software paradigms.
We also discuss the AT&T mega-breach and the ransom paid to delete the stolen data; the challenges of ransomware and the uncertainty surrounding the deletion of stolen data; the FBI gaining access to a password-protected phone, the prices for zero-click exploits; and the resurgence of APT 41 with expanding targets.
Plus, some news on upcoming keynote speakers at LabsCon 2024.
Hosts: Costin Raiu (Art of Noh), Juan Andres Guerrero-Saade (SentinelLabs), Ryan Naraine (SecurityWeek)
-
Costin Raiu: The GReAT exit interview
January 15th, 2024 | 1 hr 32 mins
apt research, nation-state, zero-day
Episode sponsors:
- Binarly, the supply chain security experts (https://binarly.io)
- FwHunt (https://fwhunt.run)
Costin Raiu has spent a lifetime in anti-malware research, working on some of the biggest nation-state APT cases in history, including Stuxnet, Duqu, Equation Group, Red October, Turla and Lazarus.
In this exit interview, Costin digs into why he left the GReAT team after 13 years at the helm, ethical questions on exposing certain APT operations, changes in the nation-state malware attribution game, technically impressive APT attacks, and the 'dark spots' where future-thinking APTs are living.
-
Federico Kirschbaum on a life in the Argentina hacking scene
July 19th, 2023 | 42 mins 1 sec
argentina, core security, ekoparty, exploits, zero-day
Episode sponsors:
- Binarly (https://binarly.io)
- FwHunt (https://fwhunt.run)
Faraday chief executive Federico 'Fede' Kirschbaum joins the show to talk about building a startup in the vulnerability management space, the intricacies of the Argentinian hacking culture, stories of exploit writers and mercenary hackers, and the overwhelming U.S.-centric view of the cybersecurity industry.
-
JAG-S on big-game malware hunting and a very mysterious APT
October 17th, 2022 | 52 mins 40 secs
apts, cyberespionage, exploits, zero-day
- Episode sponsors: Binarly and FwHunt - Protecting devices from emerging firmware and hardware threats using modern artificial intelligence.
SentinelLabs malware hunter Juan Andres Guerrero-Saade (JAG-S) returns to the show to discuss how big-game attribution has changed over the years, the nation-state APT landscape, Mudge and the nightmares facing CISOs, and a mysterious actor named Metador.
-
Project Zero's Maddie Stone on the surge in zero-day discoveries
May 10th, 2022 | 42 mins 10 secs
disclosure, exploits, google, memory safety, project zero, transparency, zero-day
Maddie Stone is a security researcher in Google's Project Zero team. Over the last few years, she has publicly tracked the discovery and disclosure of zero-day malware attacks seen in the wild. On this episode, Maddie joins Ryan to chat about three years of zero-day exploitation data, the nuances around 0day disclosures, the never-ending struggle to mitigate memory corruption attacks and the need for transparency among affected vendors.