
Three Buddy Problem
The Three Buddy Problem is a popular Security Conversations podcast that goes beyond industry talking points to discuss what others won’t -- nation-state malware, attribution, cyberwar, ethics, privacy, and the messy realities of securing computers and corporate networks.
Hosted by three veteran security pros -- journalist Ryan Naraine and malware paleontologists Costin Raiu and Juan Andres Guerrero-Saade -- the weekly show attracts a highly engaged audience of security researchers, corporate defenders, CISOs, and policymakers.
Connect with Ryan on Twitter (Open DMs).
Latest episodes

Jun 13, 2025 • 1h 52min
Cyber flashpoints in Israel-Iran war, the 'magnet of threats', Mossad drone swarms
Three Buddy Problem - Episode 50: This week, we dissect cyber flashpoints in the Iran-Israel war, revisit the “magnet of threats” server in Iran that attracted APTs from multiple nation-states, and react to Israel's Mossad sneaking explosive drone swarms deep into Iran to support airstrikes.
Plus, Stealth Falcon’s new WebDAV zero-day, SentinelOne’s brush with Chinese APTs, Citizen Lab’s forensic takedown of Paragon’s iPhone spyware, and the sneaky Meta/Yandex trick that links Android web browsing to app IDs.
Cast: Juan Andres Guerrero-Saade, Ryan Naraine and Costin Raiu.
Links: Transcript (unedited, AI-generated); Israel-Iran war breaks out; 'The magnet of threats'; Mossad set up drone swarm base in Iran; Stealth Falcon's Exploit of Microsoft Zero Day CVE-2025-33053 - WebDAV remote code execution; CISA, Microsoft warn of Windows zero-day; China-nexus Threat actors target SentinelOne; Chinese Espionage Crews Circle SentinelOne; Citizen Lab: First Forensic Confirmation of Paragon’s iOS Mercenary Spyware Finds Journalists Targeted - The Citizen Lab; Meta and Yandex are de-anonymizing Android users’ web browsing identifiers; Dreadnode Offensive AI Conference; LABScon Call for Papers

Jun 6, 2025 • 1h 29min
Mikko Hypponen talks drone warfare, APT naming schemes
Mikko Hypponen, a cybersecurity veteran and Chief Research Officer at Sensofusion, dives into the cutting-edge world of drone warfare. He discusses Ukraine's innovative Operation Spiderweb, where drone swarms targeted Russian airbases, highlighting the changing landscape of military strategy. The conversation also touches on the ethical implications of autonomous drones and the challenges of naming cyber threats. With insights into the cyber tactics employed in the Ukraine-Russia conflict, Hypponen shares a unique perspective on the intersection of technology and modern warfare.

May 30, 2025 • 2h 11min
The dark hole of 'friendlies' and Western APTs
The podcast dives into the complexities of cyber threat intelligence, spotlighting the controversial naming of actors like 'Void Blizzard' and the resulting confusion. It examines the significant role of initial-access brokers in nation-state breaches and critiques the decline of transparency in reporting Western APTs. The hosts discuss the potential of AI in identifying software vulnerabilities and its implications for cybersecurity professionals. They also highlight the necessary collaboration between the public and private sectors to tackle evolving threats.

May 23, 2025 • 2h 31min
Russia hacks Ukraine war supply lines, Signal blocks Windows screenshots, BadSuccessor vuln disclosure debate
Exploring the intricate web of cyber warfare, the discussion highlights Russia's hacking of Ukraine's supply lines and a controversial vulnerability disclosure by Akamai. The conversation shifts to Signal's new screenshot-blocking feature, aimed at enhancing user privacy amid growing concerns. A fascinating debate unfolds over the ethics of exploit code publication and its implications for defenders in cybersecurity. Additionally, Japan's shift towards offensive cyber defense raises eyebrows, alongside discussions on the role of tech giants in shaping future governance.

May 16, 2025 • 2h 24min
A Coinbase breach with bribes, rogue contractors and a $20M ransom demand
Three Buddy Problem - Episode 46: We dig into a Coinbase breach headlined by bribes, rogue contractors and a $20 million ransom demand. Plus, (another!) batch of Ivanti and Microsoft zero-days being exploited in the wild, a new 'Intrusion Logging' feature coming to Android, Apple's iOS 18.5 patches, and the EU announcing its own vulnerability database and software vendor secure-coding pledge.
Cast: Juan Andres Guerrero-Saade, Ryan Naraine and Costin Raiu.
Links: Transcript (unedited, AI-generated); Coinbase on $20m ransom demand; SEC filing on Coinbase breach; Coinbase Rogue Contractors Bribed to Leak Customer Data; Ivanti 0day exploit chain (CVE-2025-4427 and CVE-2025-4428); Watchtowr blog on new Ivanti 0days; CISA Known Exploited Vulnerabilities (KEV); 'Advanced Protection' comes to Android 16; Europe launches its own vulnerability database

May 9, 2025 • 31min
JAGS keynote: The intricacies of wartime cyber threat intelligence
Juan Andres Guerrero-Saade, a security researcher at SentinelOne and an adjunct at the Alperovitch Institute, offers deep insights into wartime cyber threat intelligence. He emphasizes its crucial role in bridging information gaps between adversaries, especially highlighted by the Ukraine-Russia conflict. The conversation delves into the ethical challenges faced by cybersecurity professionals and the moral responsibilities tied to intelligence-sharing. Guerrero-Saade urges the audience to reflect on the real-world implications of their work, making a case for deeper self-awareness in the field.

May 3, 2025 • 2h 39min
Signalgate redux, OpenAI's Aardvark, normalizing cyber offense
Delve into the intriguing use of an obscure app by US officials to archive Signal messages and the implications for privacy. Discover OpenAI's innovative Aardvark model aimed at enhancing software security through bug detection. Explore the shifting landscape of US offensive cyber strategies and the potential for organizations to go on the offensive as part of deterrence. Unpack the complexities surrounding a significant $330 million Bitcoin heist and the rising tensions over cybersecurity, disinformation, and political influences in Romania.

Apr 25, 2025 • 1h 34min
Thomas Rid joins the show: AI consciousness, TP-Link's China connection, trust in hardware security
Three Buddy Problem - Episode 43: Director of the Alperovitch Institute for Cybersecurity Studies Thomas Rid joins the show for a deep-dive into the philosophical and ethical considerations surrounding AI consciousness and anthropomorphism. We dig into the multifaceted implications of AI technology, particularly focusing on data privacy, national security, and the philosophical questions surrounding AI consciousness and rights.
Plus, TP-Link under US government investigation and the broader issues of consumer trust in hardware security, the need for regulation and inspectability of technology, and the struggles with patching network devices.
Cast: Thomas Rid, Juan Andres Guerrero-Saade and Ryan Naraine. Costin Raiu is away this week.
Links: Transcript (unedited, AI-generated); Anthropic: Exploring AI model welfare, consciousness; David Chalmers: Taking AI Welfare Seriously; Sam Altman: AI privacy safeguards can’t be established before ‘problems emerge’; TP-Link router pricing and China ties under US gov probe; Bloomberg: TP-Link’s US Future Hinges on Claimed Split From China; Verizon DBIR 2015 (full report); Mandiant M-Trends 2025 Report; FBI seeking tips about China's 'Salt Typhoon' hackers; North Korean Cryptocurrency Thieves Caught Hijacking Zoom ‘Remote Control’ Feature; Dan Geer on the realpolitik of cybersecurity; LABScon 2025 CFP is open; Ransom War by Max Smeets

Apr 17, 2025 • 1h 39min
China doxxes NSA, CVE's funding crisis, Apple's zero-day troubles
The discussion kicks off with China's surprising revelations about alleged NSA cyber operatives and the geopolitical fallout of these cyber accusations. They dive into the mounting concerns surrounding Apple’s critical zero-day vulnerabilities and the shaky ground of the CVE funding crisis. Listeners gain insights into the balance between enhanced security features and user convenience, and the challenges faced by the tech community amidst rising costs of mobile exploits and external dependencies. The episode wraps with reflections on personal connections and resilience in the cybersecurity world.

Apr 4, 2025 • 1h 37min
NSA director fired, Ivanti's 0day screw-up, backdoor in robot dogs
Join a lively discussion on the NSA director's unexpected firing and its implications for national security. Delve into Ivanti's critical mismanagement of a VPN vulnerability that a Chinese APT exploited. Discover the fascinating keynote about trust in hardware supply chains and the risks of undocumented chip areas. Laugh at the idea of a backdoor found in a popular Chinese robot dog while pondering China's robotics market dominance. Moreover, gain insights into AI's role in identifying software vulnerabilities and Russian operatives impersonating the CIA.