Security Conversations

US Treasury hacked via BeyondTrust, MISP and the threat actor naming mess

Jan 3, 2025

Discover the chaos surrounding threat actor naming conventions and the push for a standardization via MISP. Dive into the breach of BeyondTrust that compromised the US Treasury, illustrating the urgent need for improved cybersecurity. Unpack the emergence of the XDR33 CIA Hive malware variant and explore its low detection rates. With insights into the distrust surrounding corporate cybersecurity pledges, the discussion emphasizes accountability and transparency in the face of escalating threats.

01:49:16

Creator website

AI Summary

AI Chapters

Episode notes

Podcast summary created with Snipd AI

Quick takeaways

The cybersecurity breach involving BeyondTrust exposed sensitive U.S. data to Chinese state-sponsored hackers, raising concerns about national security and transparency.

Zero-day vulnerabilities are increasingly exploited, with documented cases rising from 54 in 2022 to 98 in 2023, highlighting significant challenges for cybersecurity vendors.

The discussion on standardizing threat actor naming via MISP reveals complexities and skepticism about achieving consistency amidst existing marketing pressures and organizational practices.

Deep dives

Optimistic Start to the New Year

The speakers express a sense of excitement and optimism about the new year, contrasting it with the challenges and rough experiences of the previous year. One host shares personal positivity, feeling like they are entering a different phase in life. Amidst hardship, there is a sense of renewal and hope for what lies ahead, reflecting a broader sentiment of resilience and possibility for change. This positive energy sets an encouraging tone for the discussions that follow in the episode.

Intro

2min

Breach of Trust: The BeyondTrust Incident and Its Implications

2min

Cybersecurity Challenges and Accountability

15min

Navigating Cybersecurity Trust

21min

Engineering Culture and Security at Google

7min

Naming Chaos in Cybersecurity

21min

Navigating Threat Intelligence and Naming Conventions

23min

Unveiling XDR33: The CIA's Evolving Threats

10min

Valadin's Role in Cybersecurity and Threat Actor Naming Challenges

2min

10.

Threat Tracking and Personal Reflections

8min

Three Buddy Problem - Episode 28: In this episode, we explore the ongoing challenges of threat actor naming in cybersecurity and the confusion caused by a lack of standardization, methodological inconsistencies and skewed, marketing-driven incentives.

Plus, the US Treasury/BeyondTrust hack, the surge in 0day discoveries, a new variant of the Xdr33 CIA Hive malware, and exclusive new information on the Cyberhaven Chrome extension security incident.

Cast: Juan Andres Guerrero-Saade, Costin Raiu and Ryan Naraine.

Links:

Get the Snipd
podcast app

Unlock the knowledge in podcasts with the podcast player of the future.

AI-powered
podcast player

Listen to all your favourite podcasts with AI-powered features

Discover
highlights

Listen to the best highlights from the podcasts you love and dive into the full episode

Save any
moment

Hear something you like? Tap your headphones to save it with AI-generated key takeaways

Share
& Export

Send highlights to Twitter, WhatsApp or export them to Notion, Readwise & more

AI-powered
podcast player

Listen to all your favourite podcasts with AI-powered features

Discover
highlights

Listen to the best highlights from the podcasts you love and dive into the full episode

Security Conversations

US Treasury hacked via BeyondTrust, MISP and the threat actor naming mess

Podcast summary created with Snipd AI

Quick takeaways

Deep dives

Optimistic Start to the New Year

Cybersecurity Incident with BeyondTrust

Continual Emergence of Zero-Day Exploits

Naming Standards for Threat Actors

New Developments in Threat Actor Monitoring

Industry Efforts to Combat Threats

Get the Snipd
podcast app

AI-powered
podcast player

Discover
highlights

Save any
moment

Share
& Export

AI-powered
podcast player

Discover
highlights

Security Conversations

US Treasury hacked via BeyondTrust, MISP and the threat actor naming mess

Podcast summary created with Snipd AI

Quick takeaways

Deep dives

Optimistic Start to the New Year

Cybersecurity Incident with BeyondTrust

Continual Emergence of Zero-Day Exploits

Naming Standards for Threat Actors

New Developments in Threat Actor Monitoring

Industry Efforts to Combat Threats

Get the Snipdpodcast app

AI-poweredpodcast player

Discoverhighlights

Save anymoment

Share& Export

AI-poweredpodcast player

Discoverhighlights

Get the Snipd
podcast app

AI-powered
podcast player

Discover
highlights

Save any
moment

Share
& Export

AI-powered
podcast player

Discover
highlights