Ep7: Crowd2K and the kernel, PKFail supply chain failures, Paris trains sabotage and Russian Olympic attacks

Three Buddy Problem - Episode 7: In this episode, we try to close the book on the CrowdStrike Windows BSOD story, Microsoft VP David Weston’s technical documentation and issues around kernel access and OS resilience. We also discuss Binarly’s PKFail research, secure boot bypasses, Dan Geer and tech monoculture, software vendor liability issues and the need for inspectability in security mechanisms.

The conversation explores cyber angles to train service disruptions in Paris, the history of cyber operations targeting the Olympics, the lack of public acknowledgment and attribution of cyber operations by Western intelligence agencies, and the importance of transparency and case studies in understanding and discussing cyber operations.

Hosts: Juan Andres Guerrero-Saade (SentinelLabs), Costin Raiu (Art of Noh), Ryan Naraine (SecurityWeek)

Links:

• Episode Transcript
• Microsoft VP David Weston on CrowdStrike issue
• Delta seeking damages from CrowdStrike, Microsoft
• Wealthy Russian With Kremlin Ties Gets 9 Years in Prison for Hacking and Insider Trading Scheme
• Industroyer
• Countdown to Zero Day: Stuxnet and the Launch of the World's First Digital Weapon
• LABScon Speakers
• Livestream from DEFCON 32