Bästa Security Conversations podcaster (2024)

1
Palo Alto network edge device backdoor, Cyberhaven browser extension hack, 2024 research highlights 1:53:11

1d ago1:53:11

1:53:11

Three Buddy Problem - Episode 26: We discuss the discovery of a Palo Alto network firewall attack and a stealthy network edge device backdoor (LITTLELAMB.WOOLTEA), the Cyberhaven hack and the shady world of browser extensions, and a look back at the top research projects that caught our attention in 2025. Cast: Juan Andres Guerrero-Saade, Costin Ra…

1
US government's VPN advice, dropping bombs on ransomware gangs 1:58:40

5d ago1:58:40

1:58:40

Three Buddy Problem - Episode 26: We dive deep into the shadowy world of surveillance and cyber operations, unpacking Amnesty International's explosive report on NoviSpy, a previously unknown Android implant used against Serbian activists, and the links to Israeli forensics software vendor Cellebrite. Plus, thoughts on the US government’s controver…

1
Surveillance economics, Turla and Careto, and the AI screenshots nobody asked for 2:14:07

15d ago2:14:07

2:14:07

Three Buddy Problem - Episode 25: An update on Romania’s cancelled election, the implications of TikTok on democratic processes, and the broader issues around surveillance capitalism and micro-targeting. Plus, news on Turla piggybacking on cybercriminal malware to hit Ukraine, the return of Careto and the absence of IOCs, Claroty report on an Iran-…

1
Inside the Turla Playbook: Hijacking APTs and fourth-party espionage 1:47:08

21d ago1:47:08

1:47:08

Three Buddy Problem - Episode 24: In this episode, we did into Lumen/Microsoft’s revelations on Russia's Turla APT stealing from a Pakistani APT, and issues around fourth-party espionage and problems with threat actor attribution. We also discuss Citizen Lab’s findings on Monokle-like spyware implanted by Russian authorities, the slow pace of Salt …

1
Volexity’s Steven Adair on Russian Wi-Fi hacks, memory forensics, appliance 0days and network inspectability 1:18:33

28d ago1:18:33

1:18:33

Three Buddy Problem - Episode 23: Volexity founder Steven Adair joins the show to explore the significance of memory analysis and the technical challenges associated with memory dumping and forensics. We dig into Volexity’s “nearest neighbor” Wi-Fi hack discovery, gaps in EDR detection and telemetry, and some real-talk on the Volt Typhoon intrusion…

1
Sid Trivedi on the RSA Innovation Sandbox $5 million investment gambit 1:01:12

1M ago1:01:12

1:01:12

Episode sponsors: Binarly (https://binarly.io) Binary Risk Hunt (https://risk.binarly.io) In this reboot of the Security Conversations interview series, Foundation Capital partner Sid Trivedi weighs in on major changes to the RSA Innovation Sandbox, the mandatory $5M uncapped SAFE investment for all 10 finalists, and red-flag concerns around discou…

1
Russian APT weaponized nearby Wi-Fi networks in DC, new macOS zero-days, DOJ v Chrome 1:28:22

1M ago1:28:22

1:28:22

Three Buddy Problem - Episode 22: We discuss Volexity’s presentation on Russian APT operators hacking Wi-Fi networks in “nearest neighbor attacks,” the Chinese surveillance state and its impact on global security, the NSA's strange call for better data sharing on Salt Typhoon intrusions, and the failures of regulatory bodies to address cybersecurit…

1
What happens to CISA now? Is deterrence in cyber possible? 1:53:51

1M ago1:53:51

1:53:51

Three Buddy Problem - Episode 21: We dig into an incredible government report on Iranian hacking group Emennet Pasargad and tradecraft during the Israel/Hamas war, why Predatory Sparrow could have been aimed at deterrence in cyber, and the FBI/CISA public confirmation of the mysterious Salt Typhoon hacks. Plus, discussion on hina’s cyber capabiliti…

1
Mysterious rebooting iPhones, EDR vendors spying on hackers, Bitcoin 'meatspace' attacks 1:37:00

2M ago1:37:00

1:37:00

Three Buddy Problem - Episode 20: We revisit the ‘hack-back’ debate, the threshold for spying on adversaries, Palo Alto watching EDR bypass research to track threat actors, hot nuggets in Project Zero’s Clem Lecinge’s Hexacon talk, Apple’s new iOS update rebooting iPhones in law enforcement custody, the mysterious GoblinRAT backdoor, and physical ‘…

1
The Sophos kernel implant, 'hack-back' implications, CIA malware in Venezuela 1:54:14

2M ago1:54:14

1:54:14

Three Buddy Problem - Episode 19: We explore Ivan Kwiatkowski’s essay on the limits of threat intelligence, Sophos using kernel implants to surveil Chinese hackers, the concept of ‘hack-back’ and legal implications, geopolitical layers of cyber espionage, CIA malware in Venezuela, Vatican/Mossad mentioned in high-profile Italy hacks, and Canada bra…

1
IntheNewsS2E3 - The New Normal 31:52

2M ago31:52

31:52

🌟 New Episode Alert! 🌟 Join us for Episode 3 of Season 2 of In the News: Conversations Around Security! This episode, we're diving into the "new normal" as we explore the rising challenges of declining social conditions and public safety. With increasing protest activity, calls for change, and rising crime, how can we continue to keep the public sa…

1
Fortinet 0days, Appin hack-for-hire exposé, crypto heists, Russians booted from Linux kernel 1:26:44

2M ago1:26:44

1:26:44

Three Buddy Problem - Episode 18: This week’s show covers the White House's new Traffic Light Protocol (TLP) guidance, Reuters expose of Appin as a hack-for-hire mercenary company, Fortinet zero-day exploitation and missing CSRB investigations, major cryptocurrency heists, Apple opening Private Cloud Compute to public inspection, Russians removed f…

1
ESET Israel wiper malware, China's Volt Typhoon response, Kaspersky sanctions and isolation 1:38:18

2M ago1:38:18

1:38:18

Three Buddy Problem - Episode 17: News of a wiper malware attack in Israel implicating ESET, threats from wartime hacktivists, China's strange response to Volt Typhoon attribution and Section 702 messaging, an IE zero-day discovery and web browser rot in South Korea, the ongoing isolation of Kaspersky due to sanctions, and the geopolitical influenc…

1
ITN Season 2 E2 - “From Protests to Chaos: The Impact of Government Inaction” 25:34

2M ago25:34

25:34

Welcome to Season 2, Episode 2 of “In the News - Conversations Around Security.” In this episode, “From Protests to Chaos: The Impact of Government Inaction” we delve into a critical and timely issue: how government inaction and lack of leadership have emboldened protestors. What began as pro-Palestinian protests have now escalated into calls for C…

1
Typhoons and Blizzards: Cyberespionage and national security on front burner 1:09:09

3M ago1:09:09

1:09:09

Three Buddy Problem - Episode 16: We break down the new GCHQ advisory on the history and tactics of Russia’s APT29, the challenges of tracking and defending against these sophisticated espionage programs, the mysterious Salt Typhoon intrusions, the absence of technical indicators (IOCs), the risks of supply chain attacks. We also touch on the surge…

1
Careto returns, IDA Pro pricing controversy, crypto's North Korea problem 1:30:38

3M ago1:30:38

1:30:38

Three Buddy Problem - Episode 15: Juanito checks in from Virus Bulletin with news on the return of Careto/Mask, a ‘milk-carton’ APT linked to Spain. We also cover the latest controversy surrounding IDA Pro's subscription model, a major new YARA update, and ongoing issues with VirusTotal's value and pricing. The conversation shifts to North Korean c…

1
In The News Season 2 Episode 1 - We're Back 29:04

3M ago29:04

29:04

Welcome to In the News: Conversations Around Security! In our exciting new season, we’re diving into the dynamic world of global protests and their far-reaching impacts on local businesses and communities. As movements ignite change around the globe, we’ll explore how these powerful events reshape our neighborhoods, challenge local establishments, …

1
Exploding beepers, critical CUPS flaws, Windows Recall rebuilt for security 1:19:07

3M ago1:19:07

1:19:07

Three Buddy Problem - Episode 14: The buddies are back together for a discussion on Juan’s LABScon keynote and mental health realities, Microsoft rewriting the Windows Recall security architecture, a new CVSS 9.9 Linux CUPS flaw, Kaspersky's controversial transition to Ultra AV, and the intelligence operations surrounding exploding pagers in Lebano…

1
Ep13: The Consolation of Threat Intel (JAG-S LABScon keynote) 31:41

3M ago31:41

31:41

Three Buddy Problem - Episode 13: This is a special edition of the show, featuring Juan Andres Guerrero-Saade's full keynote day remarks at LABScon2024. In this talk, Juanito addresses the current state of the threat intelligence industry, expressing a need for a difficult conversation about its direction and purpose. He discusses feelings of disen…

1
Ep12: Security use-cases for AI chain-of-thought reasoning 1:14:20

4M ago1:14:20

1:14:20

Three Buddy Problem - Episode 12: Gabriel Bernadett-Shapiro joins the show for an extended conversation on artificial intelligence and cybersecurity. We discuss the hype around OpenAI's new o1 model, AI chain-of-thought reasoning and security use-cases, pervasive chatbots and privacy concerns, and the ongoing debate between open source and closed s…

1
Ep11: Cyberwarfare takes an ominous turn 1:15:13

4M ago1:15:13

1:15:13

Three Buddy Problem - Episode 11: Russia's notorious GRU Unit 29155 (previously tied to assassinations, poisonings and coup attempts) now blamed for destructive cyberattacks for sabotage; FBI and DOJ take down 'Doppelganger' network spreading Russian propaganda; CISA's budget, staff, advisories and YARA rules; Influence Operations 2.0; prolific Chi…

1
Ep10: Volt Typhoon zero-day, Russia's APT29 reusing spyware exploits, Pavel Durov's arrest 1:18:37

4M ago1:18:37

1:18:37

Three Buddy Problem - Episode 10: Top stories this week -- Volt Typhoon zero-day exploitation of Versa Director servers, Chinese APT building botnets with EOL routers, the gap in security solutions for network devices and appliances, Russia's APT29 (Midnight Blizzard) caught reusing exploits from NSO Group and Intellexa, Microsoft’s upcoming Window…

1
Ep9: The blurring lines between nation-state APTs and the ransomware epidemic 1:06:16

4M ago1:06:16

1:06:16

Three Buddy Problem - Episode 9: On this episode, we look at the hacking scene in Taiwan, the sad state of visibility into big malware campaigns, the absence of APTs linked to the prolific MIVD Dutch intelligence agency, the blurring lines between big ransomware heists and nation-state actors caught using ransomware as a tool for sabotage and misat…

1
Ep8: Microsoft's zero-days and a wormable Windows TCP/IP flaw known to China 1:17:45

4M ago1:17:45

1:17:45

Three Buddy Problem - Episode 8: This week’s show digs into Microsoft’s in-the-wild zero-day woes, Patch Tuesday and the absence of IOCs, a wormable Windows TCP/IP flaw that the Chinese government knew about for months, Iran’s aggressive hacking US election targets, CrowdStrike v Qihoo360 and major problems with APT naming conventions. Hosts: Costi…

1
Ep7: Crowd2K and the kernel, PKFail supply chain failures, Paris trains sabotage and Russian Olympic attacks 1:10:03

5M ago1:10:03

1:10:03

Three Buddy Problem - Episode 7: In this episode, we try to close the book on the CrowdStrike Windows BSOD story, Microsoft VP David Weston’s technical documentation and issues around kernel access and OS resilience. We also discuss Binarly’s PKFail research, secure boot bypasses, Dan Geer and tech monoculture, software vendor liability issues and …

1
Ep6: After CrowdStrike chaos, should Microsoft kick EDR agents out of Windows kernel? 1:16:37

5M ago1:16:37

1:16:37

Three Buddy Problem - Episode 6: As the dust settles on the CrowdStrike incident that blue-screened 8.5 million Windows computers worldwide, we dig into CrowdStrike’s preliminary incident report, the lack of transparency in the update process and the need for more robust testing and validation. We also discuss Microsoft's responsibility to avoid in…

1
Ep5: CrowdStrike's faulty update shuts down global networks 59:51

5M ago59:51

59:51

Three Buddy Problem - Episode 5: Hot off the press, we dive into the news of the CrowdStrike software update that caused blue screens on computers worldwide, the resulting chaos and potential connections to the Microsoft 365 outage, the fragility of modern computing and the risks of new software paradigms. We also discuss the AT&T mega-breach and t…

1
Ep4: The AT&T mega-breach, iPhone mercenary spyware, Microsoft zero-days 1:11:39

6M ago1:11:39

1:11:39

Three Buddy Problem - Episode 4: The boys delve into the massive AT&T call logs breach, the Snowflake incidents and the notion of shared-fate/shared responsibilities; news on fresh Apple notifications about mercenary spyware on iPhones and the effectiveness of notifications for different types of controversial targets. Plus, thoughts on Microsoft's…

1
Ep3: Dave Aitel joins debate on nation-state hacking responsibilities 1:04:29

6M ago1:04:29

1:04:29

The 'Three Buddy Problem' Podcast Episode 3: Former NSA computer scientist Dave Aitel (Immunity Inc., Cordyceps Systems) joins Juan Andres Guerrero-Saade for a frank discussion on the OpenSSH unauthenticated remote code execution vulnerability and the challenges around patching and exploitation, the CISA 'secure-by-design' pledge and its impact on …

1
In the News E12 - Is Antisemitism in Canada a National Security Threat? 37:42

6M ago37:42

37:42

Welcome to another episode of In the News, your source for in-depth analysis of the most pressing geopolitical events. Today, we tackle a crucial and sensitive topic: the alarming rise of antisemitism in Canada and its nexus to national security. As tensions in Gaza escalate, we’re seeing ripple effects here at home, with foreign interference poten…

1
Ep2: A deep-dive on disrupting and exposing nation-state malware ops 1:08:42

6M ago1:08:42

1:08:42

The 'Three Buddy Problem' Podcast Episode 2: Ryan Naraine, Costin Raiu and Juan Andres Guerrero-Saade go all-in on the discussion around Google Project Zero disrupting counter-terrorism malware operations. A deep dive on disruption vs exposure, the effects of US government sanctions on private mercenary hacking companies, hypocricy and the tricky r…

1
Ep1: The Microsoft Recall debacle, Brad Smith and the CSRB, Apple Private Cloud Compute 46:55

6M ago46:55

46:55

Welcome to Episode 1 of a brand new cybersecurity podcast discussing the biggest news stories of the week. Ryan Naraine hosts a fast-moving conversation with Juan Andres Guerrero-Saade (LABScon) and Costin Raiu (Art of Noh) on the Microsoft Recall debacle, the dark patterns emerging as big-tech embraces AI, Brad Smith's testimony and the lingering …

1
In the News E11 - Unpacking Encampments 28:31

7M ago28:31

28:31

Welcome to “In the News: Conversations Around Security,” where we dive deep into pressing issues affecting public safety. In today’s episode, we explore the growing trend of protest encampments and the security risks they pose. From urban spaces to grassroots movements, we’ll discuss how these camps impact both residents and the broader community. …

1
E10 Unlocking the Security Dilemma: Addressing Risks and Regulations 39:56

7M ago39:56

39:56

In this riveting episode of "In the News - Conversations Around Security," we dive deep into Ontario's security landscape with esteemed guest Paul Carson from the Security Guard Association of Ontario. Tune in as we dissect the pressing issue of the absence of standards and regulations within the security sector, a concern that's fostering heighten…

1
In the News E9 Foreign Influence in Canada 38:47

8M ago38:47

38:47

In this episode we dive into a complex and timely issue: foreign influence on Canada. There's growing concern about the influence of foreign powers over Canada, particularly in recent elections. The leveraging of hybrid warfare which combines traditional military means with cyberattacks, disinformation campaigns, and social media manipulation, are …

1
IntheNewsE8 - Global Events Impacting Local Public Safety 28:06

8M ago28:06

28:06

In this episode, we delve into the intricate interplay between global events and their profound impact on local public safety. Join us as we dissect the complex web of connections between international affairs and everyday security concerns. Our discussion uncovers how events on the world stage reverberate within our communities, influencing polici…

1
Cris Neckar on the early days of securing Chrome, chasing browser exploits 54:36

9M ago54:36

54:36

Episode sponsors: Binarly, the supply chain security experts (https://binarly.io) XZ.fail backdoor detector (https://xz.fail) Cris Neckar is a veteran security researcher now working as a partner at Two Bear Capital. In this episode, he reminisces on the early days of hacking at Neohapsis, his time on the Google Chrome security team, shenanigans at…

1
Costin Raiu joins the XZ Utils backdoor investigation 51:33

9M ago51:33

51:33

Episode sponsors: Binarly, the supply chain security experts (https://binarly.io) XZ.fail backdoor detector (https://xz.fail) Malware paleontologist Costin Raiu returns for an emergency episode on the XZ Utils software supply chain backdoor. We dig into the timeline of the attack, the characteristics of the backdoor, affected Linux distributions, a…

1
IntheNewsE7B Managing Protests & Public Safety Part 2 22:53

10M ago22:53

22:53

In the News hosts Luciano Cedrone and Brian Claman bring back retired Toronto Police Superintendent Bill Neadles to talk about the challenges of prioritizing public safety in the face of large, disruptive and often confrontational protests that have been popping up across the country since the Oct 7th attacks on Israel and the on-going war in Gaza.…

1
IntheNewsE6A Managing Protests & Public Safety Part 1 21:21

11M ago21:21

21:21

In the News hosts Luciano Cedrone and Brian Claman bring back retired Toronto Police Superintendent Bill Neadles to talk about the challenges of prioritizing public safety in the face of large, disruptive and often confrontational protests that have been popping up across the country since the Oct 7th attacks on Israel and the on-going war in Gaza.…

1
In the News E5 Hamas - Implications for Canada Part 2 29:55

11M ago29:55

29:55

On Oct 7, 2023, Hamas unleashed the biggest surprise attack in Israel's history. In this episode we bring you important insights and analysis about the conflict from one of Canada's foremost resources on intelligence; Phil Gurski. Our hosts, Luciano Cedrone and Brian Claman talk with Phil about the implications of Hamas’ surprise attack on Israel, …

1
Katie Moussouris on building a different cybersecurity businesses 29:50

11M ago29:50

29:50

Episode sponsors: Binarly, the supply chain security experts (https://binarly.io) FwHunt (https://fwhunt.run) Katie Moussouris founded Luta Security in 2016 and bootstrapped it into a profitable business with a culture of equity and healthy boundaries. She is a pioneer in the world of bug bounties and vulnerability disclosure and serves in multiple…

1
Costin Raiu: The GReAT exit interview 1:32:13

12M ago1:32:13

1:32:13

Episode sponsors: Binarly, the supply chain security experts (https://binarly.io) FwHunt (https://fwhunt.run) Costin Raiu has spent a lifetime in anti-malware research, working on some of the biggest nation-state APT cases in history, including Stuxnet, Duqu, Equation Group, Red October, Turla and Lazarus. In this exit interview, Costin digs into w…

1
In the News E4 Hamas - Implications for Canada Part 1 23:23

12M ago23:23

23:23

On Oct 7, 2023, Hamas unleashed the biggest surprise attack in Israel's history. In this episode we bring you important insights and analysis about the conflict from one of Canada's foremost resources on intelligence; Phil Gurski. Our hosts, Luciano Cedrone and Brian Claman talk with Phil about the implications of Hamas’ surprise attack on Israel, …

1
Danny Adamitis on an 'unkillable' router botnet used by Chinese .gov hackers 34:07

12M ago34:07

34:07

Episode sponsors: Binarly, the supply chain security experts (https://binarly.io) FwHunt (https://fwhunt.run) Danny Adamitis is a principal information security engineer at Black Lotus Labs, the threat research division within Lumen Technologies. On this episode of the show, we discuss his team's recent discovery of an impossible-to-kill botnet pac…

1
E3 of 3 Evolving Observe and Report to Intervention 27:31

12M ago27:31

27:31

Welcome to “In the News - Conversations Around Security”, the podcast where we examine the news through a security lens. In this last of a 3 part series we talk to retired Deputy Chief Chris Fernandes about the evolving needs of security in a world of declining resources and increased need. What do these realities mean for the industry? What are th…

1
Allison Miller talks about CISO life, protecting identities at scale 38:12

1y ago38:12

38:12

Episode sponsors: Binarly, the supply chain security experts (https://binarly.io) FwHunt (https://fwhunt.run) Allison Miller is founder and CEO of Cartomancy Labs and former CISO and VP of Trust at Reddit. She has spent the past 20 years scaling teams and technology at Bank of America, Google, Electronic Arts, PayPal/eBay, and Visa International. I…

1
In the News Conversations Around Security - E2 of 3 Evolving Observe and Report to Intervention 28:36

1y ago28:36

28:36

Welcome to “In the News - Conversations Around Security”, the podcast where we examine the news through a security lens. In episode 2, we continue the discussion around the evolving needs of security and the growing changes that are driving the conversation to transitioning from observe and report models towards engagement capable guarding. What co…

1
Rob Ragan on the excitement of AI solving security problems 51:16

1y ago51:16

51:16

Episode sponsors: Binarly (https://binarly.io) FwHunt (https://fwhunt.run) Rob Ragan, principal architect and security strategist at Bishop Fox, joins the show to share insights on scaling pen testing, the emergence of bug bounty programs, the value of attack surface management, and the role of AI in cybersecurity. We dig into the importance of pro…

1
Episode 1 - Transition Observe and Report to Engagement 24:20

1y ago24:20

24:20

Welcome to “In the News - Conversations Around Security”, the podcast where we examine the news through a security lens. In this episode, we explore the transition from observe and report security to engagement capable guarding. What does this mean, and why is it important? And what are the benefits and challenges of this shift for the security sec…

Podcaster värda att lyssna på

Security Conversations podcaster

Podcaster värda att lyssna på

Snabbguide