Beste Security Conversations podcaster (2024)

1
Mysterious rebooting iPhones, EDR vendors spying on hackers, Bitcoin 'meatspace' attacks 1:37:00

5d ago1:37:00

1:37:00

Three Buddy Problem - Episode 20: We revisit the ‘hack-back’ debate, the threshold for spying on adversaries, Palo Alto watching EDR bypass research to track threat actors, hot nuggets in Project Zero’s Clem Lecinge’s Hexacon talk, Apple’s new iOS update rebooting iPhones in law enforcement custody, the mysterious GoblinRAT backdoor, and physical ‘…

1
IntheNewsS2E3 - The New Normal 31:52

13d ago31:52

31:52

🌟 New Episode Alert! 🌟 Join us for Episode 3 of Season 2 of In the News: Conversations Around Security! This episode, we're diving into the "new normal" as we explore the rising challenges of declining social conditions and public safety. With increasing protest activity, calls for change, and rising crime, how can we continue to keep the public sa…

1
The Sophos kernel implant, 'hack-back' implications, CIA malware in Venezuela 1:54:14

11d ago1:54:14

1:54:14

Three Buddy Problem - Episode 19: We explore Ivan Kwiatkowski’s essay on the limits of threat intelligence, Sophos using kernel implants to surveil Chinese hackers, the concept of ‘hack-back’ and legal implications, geopolitical layers of cyber espionage, CIA malware in Venezuela, Vatican/Mossad mentioned in high-profile Italy hacks, and Canada bra…

1
Fortinet 0days, Appin hack-for-hire exposé, crypto heists, Russians booted from Linux kernel 1:26:44

20d ago1:26:44

1:26:44

Three Buddy Problem - Episode 18: This week’s show covers the White House's new Traffic Light Protocol (TLP) guidance, Reuters expose of Appin as a hack-for-hire mercenary company, Fortinet zero-day exploitation and missing CSRB investigations, major cryptocurrency heists, Apple opening Private Cloud Compute to public inspection, Russians removed f…

1
ESET Israel wiper malware, China's Volt Typhoon response, Kaspersky sanctions and isolation 1:38:18

27d ago1:38:18

1:38:18

Three Buddy Problem - Episode 17: News of a wiper malware attack in Israel implicating ESET, threats from wartime hacktivists, China's strange response to Volt Typhoon attribution and Section 702 messaging, an IE zero-day discovery and web browser rot in South Korea, the ongoing isolation of Kaspersky due to sanctions, and the geopolitical influenc…

1
ITN Season 2 E2 - “From Protests to Chaos: The Impact of Government Inaction” 25:34

1M ago25:34

25:34

Welcome to Season 2, Episode 2 of “In the News - Conversations Around Security.” In this episode, “From Protests to Chaos: The Impact of Government Inaction” we delve into a critical and timely issue: how government inaction and lack of leadership have emboldened protestors. What began as pro-Palestinian protests have now escalated into calls for C…

1
Typhoons and Blizzards: Cyberespionage and national security on front burner 1:09:09

1M ago1:09:09

1:09:09

Three Buddy Problem - Episode 16: We break down the new GCHQ advisory on the history and tactics of Russia’s APT29, the challenges of tracking and defending against these sophisticated espionage programs, the mysterious Salt Typhoon intrusions, the absence of technical indicators (IOCs), the risks of supply chain attacks. We also touch on the surge…

1
Careto returns, IDA Pro pricing controversy, crypto's North Korea problem 1:30:38

1M ago1:30:38

1:30:38

Three Buddy Problem - Episode 15: Juanito checks in from Virus Bulletin with news on the return of Careto/Mask, a ‘milk-carton’ APT linked to Spain. We also cover the latest controversy surrounding IDA Pro's subscription model, a major new YARA update, and ongoing issues with VirusTotal's value and pricing. The conversation shifts to North Korean c…

1
In The News Season 2 Episode 1 - We're Back 29:04

1M ago29:04

29:04

Welcome to In the News: Conversations Around Security! In our exciting new season, we’re diving into the dynamic world of global protests and their far-reaching impacts on local businesses and communities. As movements ignite change around the globe, we’ll explore how these powerful events reshape our neighborhoods, challenge local establishments, …

1
Exploding beepers, critical CUPS flaws, Windows Recall rebuilt for security 1:19:07

2M ago1:19:07

1:19:07

Three Buddy Problem - Episode 14: The buddies are back together for a discussion on Juan’s LABScon keynote and mental health realities, Microsoft rewriting the Windows Recall security architecture, a new CVSS 9.9 Linux CUPS flaw, Kaspersky's controversial transition to Ultra AV, and the intelligence operations surrounding exploding pagers in Lebano…

1
Ep13: The Consolation of Threat Intel (JAG-S LABScon keynote) 31:41

2M ago31:41

31:41

Three Buddy Problem - Episode 13: This is a special edition of the show, featuring Juan Andres Guerrero-Saade's full keynote day remarks at LABScon2024. In this talk, Juanito addresses the current state of the threat intelligence industry, expressing a need for a difficult conversation about its direction and purpose. He discusses feelings of disen…

1
Ep12: Security use-cases for AI chain-of-thought reasoning 1:14:20

2M ago1:14:20

1:14:20

Three Buddy Problem - Episode 12: Gabriel Bernadett-Shapiro joins the show for an extended conversation on artificial intelligence and cybersecurity. We discuss the hype around OpenAI's new o1 model, AI chain-of-thought reasoning and security use-cases, pervasive chatbots and privacy concerns, and the ongoing debate between open source and closed s…

1
Ep11: Cyberwarfare takes an ominous turn 1:15:13

2M ago1:15:13

1:15:13

Three Buddy Problem - Episode 11: Russia's notorious GRU Unit 29155 (previously tied to assassinations, poisonings and coup attempts) now blamed for destructive cyberattacks for sabotage; FBI and DOJ take down 'Doppelganger' network spreading Russian propaganda; CISA's budget, staff, advisories and YARA rules; Influence Operations 2.0; prolific Chi…

1
Ep10: Volt Typhoon zero-day, Russia's APT29 reusing spyware exploits, Pavel Durov's arrest 1:18:37

3M ago1:18:37

1:18:37

Three Buddy Problem - Episode 10: Top stories this week -- Volt Typhoon zero-day exploitation of Versa Director servers, Chinese APT building botnets with EOL routers, the gap in security solutions for network devices and appliances, Russia's APT29 (Midnight Blizzard) caught reusing exploits from NSO Group and Intellexa, Microsoft’s upcoming Window…

1
Ep9: The blurring lines between nation-state APTs and the ransomware epidemic 1:06:16

3M ago1:06:16

1:06:16

Three Buddy Problem - Episode 9: On this episode, we look at the hacking scene in Taiwan, the sad state of visibility into big malware campaigns, the absence of APTs linked to the prolific MIVD Dutch intelligence agency, the blurring lines between big ransomware heists and nation-state actors caught using ransomware as a tool for sabotage and misat…

1
Ep8: Microsoft's zero-days and a wormable Windows TCP/IP flaw known to China 1:17:45

3M ago1:17:45

1:17:45

Three Buddy Problem - Episode 8: This week’s show digs into Microsoft’s in-the-wild zero-day woes, Patch Tuesday and the absence of IOCs, a wormable Windows TCP/IP flaw that the Chinese government knew about for months, Iran’s aggressive hacking US election targets, CrowdStrike v Qihoo360 and major problems with APT naming conventions. Hosts: Costi…

1
Ep7: Crowd2K and the kernel, PKFail supply chain failures, Paris trains sabotage and Russian Olympic attacks 1:10:03

3M ago1:10:03

1:10:03

Three Buddy Problem - Episode 7: In this episode, we try to close the book on the CrowdStrike Windows BSOD story, Microsoft VP David Weston’s technical documentation and issues around kernel access and OS resilience. We also discuss Binarly’s PKFail research, secure boot bypasses, Dan Geer and tech monoculture, software vendor liability issues and …

1
Ep6: After CrowdStrike chaos, should Microsoft kick EDR agents out of Windows kernel? 1:16:37

4M ago1:16:37

1:16:37

Three Buddy Problem - Episode 6: As the dust settles on the CrowdStrike incident that blue-screened 8.5 million Windows computers worldwide, we dig into CrowdStrike’s preliminary incident report, the lack of transparency in the update process and the need for more robust testing and validation. We also discuss Microsoft's responsibility to avoid in…

1
Ep5: CrowdStrike's faulty update shuts down global networks 59:51

4M ago59:51

59:51

Three Buddy Problem - Episode 5: Hot off the press, we dive into the news of the CrowdStrike software update that caused blue screens on computers worldwide, the resulting chaos and potential connections to the Microsoft 365 outage, the fragility of modern computing and the risks of new software paradigms. We also discuss the AT&T mega-breach and t…

1
Ep4: The AT&T mega-breach, iPhone mercenary spyware, Microsoft zero-days 1:11:39

4M ago1:11:39

1:11:39

Three Buddy Problem - Episode 4: The boys delve into the massive AT&T call logs breach, the Snowflake incidents and the notion of shared-fate/shared responsibilities; news on fresh Apple notifications about mercenary spyware on iPhones and the effectiveness of notifications for different types of controversial targets. Plus, thoughts on Microsoft's…

1
Ep3: Dave Aitel joins debate on nation-state hacking responsibilities 1:04:29

4M ago1:04:29

1:04:29

The 'Three Buddy Problem' Podcast Episode 3: Former NSA computer scientist Dave Aitel (Immunity Inc., Cordyceps Systems) joins Juan Andres Guerrero-Saade for a frank discussion on the OpenSSH unauthenticated remote code execution vulnerability and the challenges around patching and exploitation, the CISA 'secure-by-design' pledge and its impact on …

1
In the News E12 - Is Antisemitism in Canada a National Security Threat? 37:42

5M ago37:42

37:42

Welcome to another episode of In the News, your source for in-depth analysis of the most pressing geopolitical events. Today, we tackle a crucial and sensitive topic: the alarming rise of antisemitism in Canada and its nexus to national security. As tensions in Gaza escalate, we’re seeing ripple effects here at home, with foreign interference poten…

1
Ep2: A deep-dive on disrupting and exposing nation-state malware ops 1:08:42

5M ago1:08:42

1:08:42

The 'Three Buddy Problem' Podcast Episode 2: Ryan Naraine, Costin Raiu and Juan Andres Guerrero-Saade go all-in on the discussion around Google Project Zero disrupting counter-terrorism malware operations. A deep dive on disruption vs exposure, the effects of US government sanctions on private mercenary hacking companies, hypocricy and the tricky r…

1
Ep1: The Microsoft Recall debacle, Brad Smith and the CSRB, Apple Private Cloud Compute 46:55

5M ago46:55

46:55

Welcome to Episode 1 of a brand new cybersecurity podcast discussing the biggest news stories of the week. Ryan Naraine hosts a fast-moving conversation with Juan Andres Guerrero-Saade (LABScon) and Costin Raiu (Art of Noh) on the Microsoft Recall debacle, the dark patterns emerging as big-tech embraces AI, Brad Smith's testimony and the lingering …

1
In the News E11 - Unpacking Encampments 28:31

5M ago28:31

28:31

Welcome to “In the News: Conversations Around Security,” where we dive deep into pressing issues affecting public safety. In today’s episode, we explore the growing trend of protest encampments and the security risks they pose. From urban spaces to grassroots movements, we’ll discuss how these camps impact both residents and the broader community. …

1
E10 Unlocking the Security Dilemma: Addressing Risks and Regulations 39:56

6M ago39:56

39:56

In this riveting episode of "In the News - Conversations Around Security," we dive deep into Ontario's security landscape with esteemed guest Paul Carson from the Security Guard Association of Ontario. Tune in as we dissect the pressing issue of the absence of standards and regulations within the security sector, a concern that's fostering heighten…

1
In the News E9 Foreign Influence in Canada 38:47

6M ago38:47

38:47

In this episode we dive into a complex and timely issue: foreign influence on Canada. There's growing concern about the influence of foreign powers over Canada, particularly in recent elections. The leveraging of hybrid warfare which combines traditional military means with cyberattacks, disinformation campaigns, and social media manipulation, are …

1
IntheNewsE8 - Global Events Impacting Local Public Safety 28:06

7M ago28:06

28:06

In this episode, we delve into the intricate interplay between global events and their profound impact on local public safety. Join us as we dissect the complex web of connections between international affairs and everyday security concerns. Our discussion uncovers how events on the world stage reverberate within our communities, influencing polici…

1
Cris Neckar on the early days of securing Chrome, chasing browser exploits 54:36

7M ago54:36

54:36

Episode sponsors: Binarly, the supply chain security experts (https://binarly.io) XZ.fail backdoor detector (https://xz.fail) Cris Neckar is a veteran security researcher now working as a partner at Two Bear Capital. In this episode, he reminisces on the early days of hacking at Neohapsis, his time on the Google Chrome security team, shenanigans at…

1
Costin Raiu joins the XZ Utils backdoor investigation 51:33

7M ago51:33

51:33

Episode sponsors: Binarly, the supply chain security experts (https://binarly.io) XZ.fail backdoor detector (https://xz.fail) Malware paleontologist Costin Raiu returns for an emergency episode on the XZ Utils software supply chain backdoor. We dig into the timeline of the attack, the characteristics of the backdoor, affected Linux distributions, a…

1
IntheNewsE7B Managing Protests & Public Safety Part 2 22:53

9M ago22:53

22:53

In the News hosts Luciano Cedrone and Brian Claman bring back retired Toronto Police Superintendent Bill Neadles to talk about the challenges of prioritizing public safety in the face of large, disruptive and often confrontational protests that have been popping up across the country since the Oct 7th attacks on Israel and the on-going war in Gaza.…

1
IntheNewsE6A Managing Protests & Public Safety Part 1 21:21

9M ago21:21

21:21

In the News hosts Luciano Cedrone and Brian Claman bring back retired Toronto Police Superintendent Bill Neadles to talk about the challenges of prioritizing public safety in the face of large, disruptive and often confrontational protests that have been popping up across the country since the Oct 7th attacks on Israel and the on-going war in Gaza.…

1
In the News E5 Hamas - Implications for Canada Part 2 29:55

10M ago29:55

29:55

On Oct 7, 2023, Hamas unleashed the biggest surprise attack in Israel's history. In this episode we bring you important insights and analysis about the conflict from one of Canada's foremost resources on intelligence; Phil Gurski. Our hosts, Luciano Cedrone and Brian Claman talk with Phil about the implications of Hamas’ surprise attack on Israel, …

1
Katie Moussouris on building a different cybersecurity businesses 29:50

10M ago29:50

29:50

Episode sponsors: Binarly, the supply chain security experts (https://binarly.io) FwHunt (https://fwhunt.run) Katie Moussouris founded Luta Security in 2016 and bootstrapped it into a profitable business with a culture of equity and healthy boundaries. She is a pioneer in the world of bug bounties and vulnerability disclosure and serves in multiple…

1
Costin Raiu: The GReAT exit interview 1:32:13

10M ago1:32:13

1:32:13

Episode sponsors: Binarly, the supply chain security experts (https://binarly.io) FwHunt (https://fwhunt.run) Costin Raiu has spent a lifetime in anti-malware research, working on some of the biggest nation-state APT cases in history, including Stuxnet, Duqu, Equation Group, Red October, Turla and Lazarus. In this exit interview, Costin digs into w…

1
In the News E4 Hamas - Implications for Canada Part 1 23:23

10M ago23:23

23:23

On Oct 7, 2023, Hamas unleashed the biggest surprise attack in Israel's history. In this episode we bring you important insights and analysis about the conflict from one of Canada's foremost resources on intelligence; Phil Gurski. Our hosts, Luciano Cedrone and Brian Claman talk with Phil about the implications of Hamas’ surprise attack on Israel, …

1
Danny Adamitis on an 'unkillable' router botnet used by Chinese .gov hackers 34:07

10M ago34:07

34:07

Episode sponsors: Binarly, the supply chain security experts (https://binarly.io) FwHunt (https://fwhunt.run) Danny Adamitis is a principal information security engineer at Black Lotus Labs, the threat research division within Lumen Technologies. On this episode of the show, we discuss his team's recent discovery of an impossible-to-kill botnet pac…

1
E3 of 3 Evolving Observe and Report to Intervention 27:31

11M ago27:31

27:31

Welcome to “In the News - Conversations Around Security”, the podcast where we examine the news through a security lens. In this last of a 3 part series we talk to retired Deputy Chief Chris Fernandes about the evolving needs of security in a world of declining resources and increased need. What do these realities mean for the industry? What are th…

1
Allison Miller talks about CISO life, protecting identities at scale 38:12

11M ago38:12

38:12

Episode sponsors: Binarly, the supply chain security experts (https://binarly.io) FwHunt (https://fwhunt.run) Allison Miller is founder and CEO of Cartomancy Labs and former CISO and VP of Trust at Reddit. She has spent the past 20 years scaling teams and technology at Bank of America, Google, Electronic Arts, PayPal/eBay, and Visa International. I…

1
In the News Conversations Around Security - E2 of 3 Evolving Observe and Report to Intervention 28:36

11M ago28:36

28:36

Welcome to “In the News - Conversations Around Security”, the podcast where we examine the news through a security lens. In episode 2, we continue the discussion around the evolving needs of security and the growing changes that are driving the conversation to transitioning from observe and report models towards engagement capable guarding. What co…

1
Rob Ragan on the excitement of AI solving security problems 51:16

11M ago51:16

51:16

Episode sponsors: Binarly (https://binarly.io) FwHunt (https://fwhunt.run) Rob Ragan, principal architect and security strategist at Bishop Fox, joins the show to share insights on scaling pen testing, the emergence of bug bounty programs, the value of attack surface management, and the role of AI in cybersecurity. We dig into the importance of pro…

1
Episode 1 - Transition Observe and Report to Engagement 24:20

12M ago24:20

24:20

Welcome to “In the News - Conversations Around Security”, the podcast where we examine the news through a security lens. In this episode, we explore the transition from observe and report security to engagement capable guarding. What does this mean, and why is it important? And what are the benefits and challenges of this shift for the security sec…

1
Seth Spergel on venture capital bets in cybersecurity 28:56

12M ago28:56

28:56

Episode sponsors: Binarly (https://binarly.io) FwHunt (https://fwhunt.run) Seth Spergel is managing partner at Merlin Ventures, where he is responsible for identifying cutting-edge companies for Merlin to partner with and invest in. In this episode, Seth talks about helping startups target US federal markets, the current state of deal sizes and val…

1
Dan Lorenc on fixing the 'crappy' CVE ecosystem 41:45

1y ago41:45

41:45

Episode sponsors: Binarly (https://binarly.io) FwHunt (https://fwhunt.run) Dan Lorenc is CEO and co-founder of Chainguard, a company that raised $116 million in less than two years to tackle open source supply chain security problems. In this episode, Dan joins Ryan to chat about the demands of building a "growth mode" startup, massive funding roun…

1
Cisco Talos researcher Nick Biasini on chasing APTs, mercenary hackers 31:27

1y ago31:27

31:27

Episode sponsors: Binarly (https://binarly.io) FwHunt (https://fwhunt.run) Nick Biasini has been working in information security for nearly two decades. In his current role as head of outreach for Cisco Talos Intelligence Group, he leads a team of threat researchers tasked with tracking nation-state APTs, mercenary hacker groups and ransomware cybe…

1
Allison Nixon on disturbing elements in cybercriminal ecosystem 48:39

1y ago48:39

48:39

Episode sponsors: Binarly (https://binarly.io) FwHunt (https://fwhunt.run) Allison Nixon is Chief Researcher at Unit 221B and a trailblazer in the world of cybercrime research. In this episode, we deep-drive into the shadowy dynamics of underground criminal communities, high-profile ransomware attacks, teenage hacking groups breaking into big compa…

1
Dakota Cary on China's weaponization of software vulnerabilities 55:48

1y ago55:48

55:48

Episode sponsors: Binarly (https://binarly.io) FwHunt (https://fwhunt.run) Dakota Cary is a nonresident fellow at the Atlantic Council’s Global China Hub, conducting research on China’s efforts to develop its hacking capabilities, artificial-intelligence and cybersecurity research at Chinese universities, the People’s Liberation Army’s efforts to a…

1
Abhishek Arya on Google's AI cybersecurity experiments 33:27

1y ago33:27

33:27

Episode sponsors: Binarly (https://binarly.io) FwHunt (https://fwhunt.run) Abhishek Arya is director of engineering at Google, overseeing open source and supply chain security efforts that include OSS-Fuzz, SLSA, GUAC and OSV DB. In this episode, Arya talks about some early success experimenting with AI and LLMs on fuzzing and vulnerability managem…

1
Dr Sergey Bratus on the 'citizen science' of hacking 40:02

1y ago40:02

40:02

Episode sponsors: Binarly (https://binarly.io) FwHunt (https://fwhunt.run) Dr Sergey Bratus is a Research Associate Professor of Computer Science at Dartmouth College and a program manager at DARPA. In this episode, he discusses his pioneering work on securing parsers and patching long-forgotten devices. He also puts the AI hype into context and sh…

1
DARPA's Perri Adams on CTF hacking, new $20M AI Cyber Challenge 26:47

1y ago26:47

26:47

Episode sponsors: Binarly (https://binarly.io) FwHunt (https://fwhunt.run) DARPA program manager Perri Adams joins the conversation to chat about her love for CTF hacking competitions, the hunt for leapfrog security technologies in DARPA’s Information Innovation Office (I2O), and the goal of the new AI Cyber Challenge (AIxCC) offering $20 million i…

Podcaster verdt å lytte til

Security Conversations Podcaster

Podcaster verdt å lytte til

Hurtigreferanseguide