Security Conversations

Fortinet 0days, Appin hack-for-hire exposé, crypto heists, Russians booted from Linux kernel

Oct 25, 2024

In this engaging discussion, Juan Andres Guerrero-Saade, a threat intelligence expert from SentinelLabs, and Costin Raiu, Kaspersky's Global Research Director, dive into critical cybersecurity issues. They unpack the alarming rise of cryptocurrency heists and the sophisticated tactics employed by cybercriminals. The conversation also touches on the implications of a major Fortinet zero-day exploit linked to potential nation-state actors and the exclusion of Russian contributors from the Linux kernel amid geopolitical tensions. Insights on accountability in tech vendors and investigative journalism add further depth.

01:26:44

Creator website

Episode guests

Costin Raiu

Juan Andres Guerrero-Saade

AI Summary

AI Chapters

Episode notes

Podcast summary created with Snipd AI

Quick takeaways

The White House's new TLP guidance aims to enhance information sharing protocols among federal agencies and researchers for improved collaboration.

The legal battles surrounding Appin highlight the critical need for protecting journalistic integrity in cybersecurity reporting against potential coercion.

The increasing sophistication of cyber threats, particularly in cryptocurrency, demonstrates the urgent necessity for vigilance and investigation amidst evolving criminal tactics.

Deep dives

Traffic Light Protocol Guidance

The podcast discusses the recent guidance issued by the White House regarding the Traffic Light Protocol (TLP) for federal agencies. This guidance aims to clarify how federal entities should handle information shared under different TLP levels, specifically addressing the lack of respect for these classifications. Historically, many federal agencies viewed TLP guidelines as non-binding, which led to misinterpretation and misuse of information sharing protocols, resulting in a culture of disregard. The hosts highlight that the ONCD's intervention could enhance collaboration and respect for information shared among researchers and government bodies.

Intro

3min

Navigating Trust and TLP in Cybersecurity

21min

Cybersecurity Vulnerabilities and Vendor Accountability

19min

Analyzing Nation-State Involvement in Fortinet Vulnerabilities

2min

Apple's Private Cloud Unveiled

5min

Geopolitics and Open Source: Exclusion in Linux Development

6min

Geopolitical Tensions and Open-Source Software

3min

The Rising Threat of Crypto Heists

15min

Cybersecurity Critique and Global Perspectives

14min

Three Buddy Problem - Episode 18: This week’s show covers the White House's new Traffic Light Protocol (TLP) guidance, Reuters expose of Appin as a hack-for-hire mercenary company, Fortinet zero-day exploitation and missing CSRB investigations, major cryptocurrency heists, Apple opening Private Cloud Compute to public inspection, Russians removed from Linux kernel maintenance and China’s Antiy beefing with Sentinel One over APT reporting.

Cast: Juan Andres Guerrero-Saade (SentinelLabs), Costin Raiu (Art of Noh) and Ryan Naraine (SecurityWeek).

Links:

Get the Snipd
podcast app

Unlock the knowledge in podcasts with the podcast player of the future.

AI-powered
podcast player

Listen to all your favourite podcasts with AI-powered features

Discover
highlights

Listen to the best highlights from the podcasts you love and dive into the full episode

Save any
moment

Hear something you like? Tap your headphones to save it with AI-generated key takeaways

Share
& Export

Send highlights to Twitter, WhatsApp or export them to Notion, Readwise & more

AI-powered
podcast player

Listen to all your favourite podcasts with AI-powered features

Discover
highlights

Listen to the best highlights from the podcasts you love and dive into the full episode

Security Conversations

Fortinet 0days, Appin hack-for-hire exposé, crypto heists, Russians booted from Linux kernel

Episode guests

Podcast summary created with Snipd AI

Quick takeaways

Deep dives

Traffic Light Protocol Guidance

The Challenge of Information Sharing

The Legal Landscape Around Cyber Reporting

Rising Threats in Cryptocurrency Space

Chinese Cybersecurity Threat Reports

Get the Snipd
podcast app

AI-powered
podcast player

Discover
highlights

Save any
moment

Share
& Export

AI-powered
podcast player

Discover
highlights

Security Conversations

Fortinet 0days, Appin hack-for-hire exposé, crypto heists, Russians booted from Linux kernel

Episode guests

Podcast summary created with Snipd AI

Quick takeaways

Deep dives

Traffic Light Protocol Guidance

The Challenge of Information Sharing

The Legal Landscape Around Cyber Reporting

Rising Threats in Cryptocurrency Space

Chinese Cybersecurity Threat Reports

Get the Snipdpodcast app

AI-poweredpodcast player

Discoverhighlights

Save anymoment

Share& Export

AI-poweredpodcast player

Discoverhighlights

Get the Snipd
podcast app

AI-powered
podcast player

Discover
highlights

Save any
moment

Share
& Export

AI-powered
podcast player

Discover
highlights