
Security Conversations

Latest episodes

14 snips
Aug 23, 2024 • 1h 6min

Ep9: The blurring lines between nation-state APTs and the ransomware epidemic

Explore the intricate world of cybersecurity where nation-state actors blur the lines with ransomware, turning it into a tool for espionage. Dive into the hacking culture in Taiwan and the visibility challenges surrounding Advanced Persistent Threats (APTs). Discover the ethical dilemmas and complexities nations face in identifying cyber threats, alongside the controversial tactics of Xiaomi during hacking competitions. It's a thrilling journey through the evolving landscape of cyber threats and the geopolitical tensions shaping it all.
5 snips
Aug 17, 2024 • 1h 18min

Ep8: Microsoft's zero-days and a wormable Windows TCP/IP flaw known to China

The discussion dives into Microsoft's troubling zero-day vulnerabilities, including a wormable TCP/IP flaw known to China for months. The hosts reflect on the challenges of Patch Tuesday and the issues surrounding naming conventions for cyber threats. They touch on the increasing cyber aggression from Iran targeting US elections, and dissect conflicting claims from major cybersecurity firms. The conversation also highlights the geopolitical implications of cyber activities and stresses the importance of clarity in vulnerability reporting.
4 snips
Aug 2, 2024 • 1h 10min

Ep7: Crowd2K and the kernel, PKFail supply chain failures, Paris trains sabotage and Russian Olympic attacks

The discussion dives deep into CrowdStrike's Windows BSOD saga and the intricacies of kernel access. A critical look at the PKFail research reveals serious vulnerabilities in secure boot technology. Listeners are intrigued by cyber sabotage linked to European train services and the historical cyber attacks related to the Olympics, particularly with Russian involvement. The conversation emphasizes the need for transparency in cybersecurity and the growing importance of software vendor liability amid increasing geopolitical tensions.
5 snips
Jul 26, 2024 • 1h 17min

Ep6: After CrowdStrike chaos, should Microsoft kick EDR agents out of Windows kernel?

The podcast dives into the chaos caused by a CrowdStrike update that blue-screened millions of Windows systems, spotlighting the urgent need for better testing. It questions Microsoft's handling of EDR agents and the responsibilities tied to kernel access. A discussion on Mandiant's report reveals insights into North Korean cyber threat tactics. The hosts critique cybersecurity reporting and explore the implications of the NSO Group lawsuits on tech giants. Overall, it's a gripping look at the intersection of cybersecurity failures and corporate accountability.
Jul 19, 2024 • 60min

Ep5: CrowdStrike's faulty update shuts down global networks

Discussion on CrowdStrike's faulty update causing global network shutdowns and potential ties to Microsoft 365 outage. AT&T mega breach and ransom paid, FBI accessing password-protected phone, rising prices of zero-click exploits, and APT 41's expanding targets. Plus, teaser on upcoming keynote speakers at LabsCon 2024.
6 snips
Jul 12, 2024 • 1h 12min

Ep4: The AT&T mega-breach, iPhone mercenary spyware, Microsoft zero-days

Three Buddy Problem - Episode 4: The boys delve into the massive AT&T call logs breach, the Snowflake incidents and the notion of shared-fate/shared responsibilities; news on fresh Apple notifications about mercenary spyware on iPhones and the effectiveness of notifications for different types of controversial targets. Plus, thoughts on Microsoft's zero-day disclosures and useless Patch Tuesday bulletins, AI-powered disinformation campaigns, and the US government's malware sharing initiative fading away.

Hosts: Costin Raiu (Art of Noh), Juan Andres Guerrero-Saade (SentinelLabs), Ryan Naraine (SecurityWeek).

Links: Transcript (unedited, AI-generated); AT&T SEC Filing on mega-breach; CNN: Nearly all AT&T call and text records exposed in a massive breach; Apple warns iPhone users in 98 countries of spyware; India targets Apple over its phone hacking notifications; Hyper-V zero-day exploited in the wild; LABScon Program Committee
20 snips
Jul 5, 2024 • 1h 4min

Ep3: Dave Aitel joins debate on nation-state hacking responsibilities

The 'Three Buddy Problem' Podcast Episode 3: Former NSA computer scientist Dave Aitel (Immunity Inc., Cordyceps Systems) joins Juan Andres Guerrero-Saade for a frank discussion on the OpenSSH unauthenticated remote code execution vulnerability and the challenges around patching and exploitation, the CISA 'secure-by-design' pledge and its impact on software vendor practices, Microsoft lobbying and the CSRB report, and the changing face of government's attempts at cybersecurity regulations. We discuss the disruption caused by political changes and the potential implications for cybersecurity policies, the impact from the Supreme Court Chevron ruling, security regulations and the challenges of writing laws for future technology, the role of CISA and its accomplishments, the debate around offensive cyber operations and the responsibility of companies like Google in addressing vulnerabilities. The need for clear separation between counterterrorism and espionage operations is highlighted, as well as the importance of understanding both defensive and offensive perspectives. Costin Raiu is on vacation.

Links: Transcript (unedited, AI-generated); Qualys: Remote Unauthenticated Code Execution in OpenSSH; CSRB report on Microsoft hack; CISA secure-by-design pledge; CCC Talk: Operation Triangulation; Lawfare: Responsible Cyber Offense; Google: Stop Burning Counterterrorism Operations; Follow Dave Aitel on Twitter; J. A. Guerrero-Saade on Twitter; Costin Raiu on Twitter; Follow Ryan Naraine (@ryanaraine) on Twitter; LABScon - Security Research in Real Time
13 snips
Jun 29, 2024 • 1h 9min

Ep2: A deep-dive on disrupting and exposing nation-state malware ops

The 'Three Buddy Problem' Podcast Episode 2: Ryan Naraine, Costin Raiu and Juan Andres Guerrero-Saade go all-in on the discussion around Google Project Zero disrupting counter-terrorism malware operations. A deep dive on disruption vs exposure, the effects of US government sanctions on private mercenary hacking companies, hypocrisy and the tricky relationship between malware researchers and the intelligence community, and the lack of 'success stories' from so-called benevolent malware. We also discuss the implications of the TeamViewer breach by a skilled Russian APT, new Microsoft notifications to Midnight Blizzard victims and share thoughts on the Polyfill.io supply chain compromise.

Links: Episode transcript (Unedited, AI-generated); Google: Stop Burning Counterterrorism Operations; Russian hackers sanctioned by European Council; TeamViewer statement on APT29 breach; Polyfill supply chain attack; Request a LABScon invite; Follow Costin Raiu on Twitter; Follow JAG-S on Twitter; Follow Ryan Naraine on Twitter
4 snips
Jun 22, 2024 • 47min

Ep1: The Microsoft Recall debacle, Brad Smith and the CSRB, Apple Private Cloud Compute

Cybersecurity experts Juan Andres Guerrero-Saade and Costin Raiu discuss the Microsoft Recall debacle, dark patterns in big tech AI, Brad Smith's testimony, Apple's Private Cloud Compute, and the impact of the CSRB report. They also touch on the KL ban and the EU law on scanning child sexual abuse material, raising concerns about privacy and encryption in tech.
Apr 11, 2024 • 55min

Cris Neckar on the early days of securing Chrome, chasing browser exploits

Cris Neckar, a veteran security researcher and partner at Two Bear Capital, shares his insights from the cutting edge of cybersecurity. He reflects on his time with Google Chrome's security team, highlighting the birth of vulnerability reward programs and the Pwn2Own contest. The discussion shifts to the cat-and-mouse dynamic in browser security, zero-day exploits, and the role of AI in enhancing threat detection. Cris also emphasizes the need for mentoring young founders while navigating the complexities of tech investment and innovations in automated security.
