Three Buddy Problem

Hijacking .gov backdoors, Ivanti 0days and a Samsung 0-click vuln

Jan 10, 2025

The podcast dives into the troubling rise of Ivanti zero-day vulnerabilities, highlighting their constant exploitation. China's unusual reactions to cyber attribution are explored, alongside Japan's concerns over hacking incidents. The hosts discuss a shocking zero-click vulnerability found in Samsung devices, and the intense cyber warfare between Ukrainian hackers and Russian ISPs. They also touch on the implications of advanced technologies like quantum computing and the resilience of the cybersecurity community in facing these challenges.

01:48:21

Creator website

AI Summary

AI Chapters

Episode notes

Podcast summary created with Snipd AI

Quick takeaways

Ivanti's ongoing zero-day vulnerabilities highlight a troubling pattern of security failures and the need for improved practices in cybersecurity.

The sophistication of Chinese threat actors exploiting multiple network devices underscores the urgency for organizations to reassess their defensive strategies.

Recent findings of a Samsung zero-click vulnerability illustrate persistent mobile security challenges and the importance of timely software updates to mitigate risks.

Deep dives

Repetitive Security Concerns

The discussion reflects on the recurring theme of cybersecurity vulnerabilities, notably with Ivanti's Connect Secure product facing a new exploitation scenario. News emerges about Ivanti patching two vulnerabilities, but only one is currently being exploited, raising concerns about the ongoing pattern of security failures within network devices. The speakers highlight the futility in repeatedly experiencing similar breaches without substantial improvements, leading to a sense of déjà vu regarding security incidents. This frustration is compounded by the realization that these issues seem to persist in the face of technological advancements.

Intro

2min

Concerns Over Ivanti's Integrity Monitoring and Security Practices

3min

Securing Ivanti: Challenges and Strategies

22min

Unpacking Cyber Sanctions and Misinformation

6min

Cybersecurity and Geopolitical Implications

23min

Electric Cars and Geopolitical Implications

13min

Cybersecurity Vulnerabilities and Misinformation

24min

Samsung S24 Security Vulnerabilities and Quantum Resistance

7min

Exploring Quantum Computing and NVIDIA Innovations

2min

10.

Quantum Computing and Community Resilience

5min

11.

Navigating Loss and Community Resilience

2min

Three Buddy Problem - Episode 29: Another day, another Ivanti zero-day being exploited in the wild. Plus, China's strange response to Volt Typhoon attribution, Japan blames China for hacks, a Samsung 0-click vulnerability found by Project Zero, Kim Zetter's reporting on drone sightings and a nuclear scare. Plus, hijacking abandoned .gov backdoors and Ukrainian hacktivists wiping a major Russian ISP.

Cast: Juan Andres Guerrero-Saade, Costin Raiu and Ryan Naraine.

Links:

Get the Snipd
podcast app

Unlock the knowledge in podcasts with the podcast player of the future.

AI-powered
podcast player

Listen to all your favourite podcasts with AI-powered features

Discover
highlights

Listen to the best highlights from the podcasts you love and dive into the full episode

Save any
moment

Hear something you like? Tap your headphones to save it with AI-generated key takeaways

Share
& Export

Send highlights to Twitter, WhatsApp or export them to Notion, Readwise & more

AI-powered
podcast player

Listen to all your favourite podcasts with AI-powered features

Discover
highlights

Listen to the best highlights from the podcasts you love and dive into the full episode

Three Buddy Problem

Hijacking .gov backdoors, Ivanti 0days and a Samsung 0-click vuln

Podcast summary created with Snipd AI

Quick takeaways

Deep dives

Repetitive Security Concerns

Detection and Monitoring Challenges

Attribution and Cyber Threat Groups

Long-term Security Improvement Skepticism

Impact of Chinese Cyber Strategies

Recent Developments in Mobile Security

Get the Snipd
podcast app

AI-powered
podcast player

Discover
highlights

Save any
moment

Share
& Export

AI-powered
podcast player

Discover
highlights

Three Buddy Problem

Hijacking .gov backdoors, Ivanti 0days and a Samsung 0-click vuln

Podcast summary created with Snipd AI

Quick takeaways

Deep dives

Repetitive Security Concerns

Detection and Monitoring Challenges

Attribution and Cyber Threat Groups

Long-term Security Improvement Skepticism

Impact of Chinese Cyber Strategies

Recent Developments in Mobile Security

Get the Snipdpodcast app

AI-poweredpodcast player

Discoverhighlights

Save anymoment

Share& Export

AI-poweredpodcast player

Discoverhighlights

Get the Snipd
podcast app

AI-powered
podcast player

Discover
highlights

Save any
moment

Share
& Export

AI-powered
podcast player

Discover
highlights