Securing the Code: APT Threats in Development

Three Buddy Problem - Episode 25: An update on Romania’s cancelled election, the implications of TikTok on democratic processes, and the broader issues around surveillance capitalism and micro-targeting.

Plus, news on Turla piggybacking on cybercriminal malware to hit Ukraine, the return of Careto and the absence of IOCs, Claroty report on an Iran-linked cyberweapon targeting critical infrastructure, ethical considerations in cyberwarfare, and the implications of quantum computing on security and cryptocurrencies.

Cast: Juan Andres Guerrero-Saade, Costin Raiu and Ryan Naraine.

Links:

• Transcript (unedited, AI-generated)
• Turla using tools of other groups to attack Ukraine (Microsoft)
• EpicTurla.com: The lost reports
• Microsoft Recall screenshots credit cards and SSNs
• Stephan Casas: macOS applications quietly capturing screenshots
• CVE-2024-49138 - MS 0day exploited in the wild
• Sanctions hit Chinese company behind Sophos 0day attack
• SentinelLabs: Operation Digital Eye
• Careto APT’s recent attacks discovered
• Claroty: Inside a New OT/IoT cyberweapon
• Predatory Sparrow: cyber sabotage with a conscience?
• Willow, Google's state-of-the-art quantum chip
• What sucks in security? Research findings from 50+ security leaders