Welcome to the Security Weekly Podcast Network, your all-in-one source for the latest in cybersecurity! This feed features a diverse lineup of shows, including Application Security Weekly, Business Security Weekly, Paul's Security Weekly, Enterprise Security Weekly, and Security Weekly News. Whether you're a cybersecurity professional, business leader, or tech enthusiast, we cover all angles of the cybersecurity landscape. Tune in for in-depth panel discussions, expert guest interviews, and ...
…
continue reading
Content provided by Security Conversations. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Security Conversations or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://ppacc.player.fm/legal.
Similar to Three Buddy Problem
This is the audio podcast version of Troy Hunt's weekly update video published here: https://www.troyhunt.com/tag/weekly-update/
…
continue reading
Android Backstage, a podcast by and for Android developers. Hosted by developers from the Android engineering team, this show covers topics of interest to Android programmers, with in-depth discussions and interviews with engineers on the Android team at Google. Subscribe to Android Developers YouTube → https://goo.gle/AndroidDevs
…
continue reading
1
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
Jerry Bell and Andrew Kalat
5k
200
Defensive Security is a weekly information security podcast which reviews recent high profile cyber security breaches, data breaches, malware infections and intrusions to identify lessons that we can learn and apply to the organizations we protect.
…
continue reading
On The Bike Shed, hosts Joël Quenneville and Stephanie Minn discuss development experiences and challenges at thoughtbot with Ruby, Rails, JavaScript, and whatever else is drawing their attention, admiration, or ire this week.
…
continue reading
Download This Show is your weekly guide to the world of media, culture, and technology. From social media to gadgets, streaming services to privacy issues. Each week Rae Johnston and guests take a fun, deep dive into how technology is reshaping our lives.
…
continue reading
Africa-focused technology, digital and innovation ecosystem insight and commentary.
…
continue reading
1
Syntax - Tasty Web Development Treats
Wes Bos & Scott Tolinski - Full Stack JavaScript Web Developers
4k922
Full Stack Developers Wes Bos and Scott Tolinski dive deep into web development topics, explaining how they work and talking about their own experiences. They cover from JavaScript frameworks like React, to the latest advancements in CSS to simplifying web tooling.
…
continue reading
Hanselminutes is Fresh Air for Developers. A weekly commute-time podcast that promotes fresh technology and fresh voices. Talk and Tech for Developers, Life-long Learners, and Technologists.
…
continue reading
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
Player FM - Podcast App
Go offline with the Player FM app!
Go offline with the Player FM app!
))
Daily Deals
Podcasts Worth a Listen
SPONSORED
N
Netflix Sports Club Podcast
1 America’s Sweethearts: Dallas Cowboys Cheerleaders Season 2 - Tryouts, Tears, & Texas 32:48
32:48 
Play Later 
Play Later 
Lists 
Like 
Liked32:48
Play Later
Play Later
Lists
Like
LikedAmerica’s Sweethearts: Dallas Cowboys Cheerleaders is back for its second season! Kay Adams welcomes the women who assemble the squad, Kelli Finglass and Judy Trammell, to the Netflix Sports Club Podcast. They discuss the emotional rollercoaster of putting together the Dallas Cowboys Cheerleaders. Judy and Kelli open up about what it means to embrace flaws in the pursuit of perfection, how they identify that winning combo of stamina and wow factor, and what it’s like to see Thunderstruck go viral. Plus, the duo shares their hopes for the future of DCC beyond the field. Netflix Sports Club Podcast Correspondent Dani Klupenger also stops by to discuss the NBA Finals, basketball’s biggest moments with Michael Jordan and LeBron, and Kevin Durant’s international dominance. Dani and Kay detail the rise of Coco Gauff’s greatness and the most exciting storylines heading into Wimbledon. We want to hear from you! Leave us a voice message at www.speakpipe.com/NetflixSportsClub Find more from the Netflix Sports Club Podcast @NetflixSports on YouTube, TikTok, Instagram, Facebook, and X. You can catch Kay Adams @heykayadams and Dani Klupenger @daniklup on IG and X. Be sure to follow Kelli Finglass and Judy Trammel @kellifinglass and @dcc_judy on IG. Hosted by Kay Adams, the Netflix Sports Club Podcast is an all-access deep dive into the Netflix Sports universe! Each episode, Adams will speak with athletes, coaches, and a rotating cycle of familiar sports correspondents to talk about a recently released Netflix Sports series. The podcast will feature hot takes, deep analysis, games, and intimate conversations. Be sure to watch, listen, and subscribe to the Netflix Sports Club Podcast on YouTube, Spotify, Tudum, or wherever you get your podcasts. New episodes on Fridays every other week.…
Mysterious rebooting iPhones, EDR vendors spying on hackers, Bitcoin 'meatspace' attacks
Manage episode 449276171 series 2416144
Content provided by Security Conversations. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Security Conversations or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://ppacc.player.fm/legal.
Three Buddy Problem - Episode 20: We revisit the ‘hack-back’ debate, the threshold for spying on adversaries, Palo Alto watching EDR bypass research to track threat actors, hot nuggets in Project Zero’s Clem Lecinge’s Hexacon talk, Apple’s new iOS update rebooting iPhones in law enforcement custody, the mysterious GoblinRAT backdoor, and physical ‘meatspace’ Bitcoin attacks and more details on North Korean cryptocurrency theft.
Cast: Juan Andres Guerrero-Saade (SentinelLabs), Costin Raiu (Art of Noh) and Ryan Naraine (SecurityWeek).
Links:
- Transcript (unedited, AI-generated)
- iPhones mysteriously rebooting themselves
- Apple quietly ships iPhone reboot code
- FBI on China hacking US presidential campaigns iPhones
- Chinese hackers Targeted Phones of Trump, Vance, Harris Campaigns
- Palo Alto: EDR Bypass Testing Reveals Threat Actor's Toolkit
- Palo Alto CVE-2024-5910 marked as exploited
- Toronto crypto company CEO kidnapped
- A list of known 'meatspace' crypto attacks
- North Korea crypto thieves targets macOS
172 episodes
ShareManage episode 449276171 series 2416144
Content provided by Security Conversations. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Security Conversations or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://ppacc.player.fm/legal.
Three Buddy Problem - Episode 20: We revisit the ‘hack-back’ debate, the threshold for spying on adversaries, Palo Alto watching EDR bypass research to track threat actors, hot nuggets in Project Zero’s Clem Lecinge’s Hexacon talk, Apple’s new iOS update rebooting iPhones in law enforcement custody, the mysterious GoblinRAT backdoor, and physical ‘meatspace’ Bitcoin attacks and more details on North Korean cryptocurrency theft.
Cast: Juan Andres Guerrero-Saade (SentinelLabs), Costin Raiu (Art of Noh) and Ryan Naraine (SecurityWeek).
Links:
- Transcript (unedited, AI-generated)
- iPhones mysteriously rebooting themselves
- Apple quietly ships iPhone reboot code
- FBI on China hacking US presidential campaigns iPhones
- Chinese hackers Targeted Phones of Trump, Vance, Harris Campaigns
- Palo Alto: EDR Bypass Testing Reveals Threat Actor's Toolkit
- Palo Alto CVE-2024-5910 marked as exploited
- Toronto crypto company CEO kidnapped
- A list of known 'meatspace' crypto attacks
- North Korea crypto thieves targets macOS
172 episodes
All episodes
×
1 Train brake hack, GRU sanctions, Wagner war crimes, Microsoft's Chinese ‘digital escorts’ 1:48:45
1:48:45 Play Later Play Later Lists Like Liked1:48:45
Play Later Play Later Lists Like LikedThree Buddy Problem - Episode 54 : Europol busted pro‑Russian hacktivist crew NoName 057(16), the Brits announce sanctions on Russia’s GRU cyber units, Wagner‑linked “war influencers” streamed atrocities from Africa, and fresh tech worries ranged from a $500 RF flaw that can hijack U.S. train brakes. Plus, ProPublica on Microsoft’s China‑based “digital escorts,” Google’s headline‑grabbing AI‑found SQLite zero‑day, and OpenAI’s new task‑running agents. Meanwhile, Ukraine’s hackers wiped a Russian drone maker, ransomware crippled a major vodka producer, and another Chrome zero‑day quietly underscored how routine critical exploits have become. Cast: Juan Andres Guerrero-Saade , Ryan Naraine and Costin Raiu . Links: Transcript (unedited, AI-generated) Europol targets NoName057(16) pro-Russian cybercrime network Europe's most wanted list UK sanctions Russian spies linked to Mariupol strikes Profile: GRU cyber and hybrid threat operations Lindsay Freeman: War Crimes for Fun and Profit Lindsay Freeman bio CISA: End-of-Train and Head-of-Train Remote Linking Protocol Background of train vulnerability (CVE-2025-1727) ProPublica on Microsoft “Digital Escorts” Google’s Big Sleep AI bug-finding claims EchoLeak (CVE-2025-32711) Russian vodka producer reports disruptions after ransomware attack Ukrainian Hackers Cripple IT Infrastructure of Russian Drone Manufacturer Another exploited Google Chrome zero-day Three Buddy Problem LIVE at Black Hat Ringzer0 COUNTERMEASURE…
1 How did China get Microsoft's zero-day exploits? 1:49:05
1:49:05 Play Later Play Later Lists Like Liked1:49:05
Play Later Play Later Lists Like LikedThree Buddy Problem - Episode 53 : We dig into news of the first-ever arrest of a Chinese intelligence-linked hacker in Italy, unpack the mystery behind HAFNIUM and how they somehow got their hands on the same Microsoft Exchange zero-days that researcher Orange Tsai discovered - was it coincidence, inside access, or something more sinister? Plus, China's massive cyber capabilities pipeline, ‘theCom’ teenagers arrested in the UK after ransomware binge, and spyware attacks against Russian organizations. Cast: Juan Andres Guerrero-Saade , Ryan Naraine and Costin Raiu . Links: Transcript (unedited, AI-generated) US Gov: Prolific Chinese state-sponsored contract hacker arrested Microsoft: HAFNIUM targeting Exchange Servers with 0-day exploits Microsoft Exchange Server Attack Timeline YouTube: Orange Tsai on ProxyLogon Crash (exploit) and burn: Securing the offensive cyber supply chain to counter China in cyberspace The Growing Role of Cyber Militias in China’s Network Warfare Force Structure NCA arrest four for attacks on M&S, Co-op and Harrods Four arrested by UK police over ransomware attacks on M&S, Co-op and Harrods Cyberattack deals blow to Russian firmware used to repurpose civilian drones for Ukraine war Cyberattack deals blow to Russian firmware used to repurpose civilian drones for Ukraine war Batavia spyware targeting Russian organizations Chainalysis: First-ever crypto seizure in Greece Ringzer0 COUNTERMEASURE — Three Buddy Problem discount code for training: CM25-3BUDDY LABScon 2025…
1 Who’s hacking who? Ivanti 0-days in France, China outs 'Night Eagle' APT 1:34:16
1:34:16 Play Later Play Later Lists Like Liked1:34:16
Play Later Play Later Lists Like LikedThree Buddy Problem - Episode 52 : Fresh intelligence reports out of Europe and China: France’s ANSSI documents a string of Ivanti VPN zero-days ('Houken'), and Quanxin frames a stealth Microsoft Exchange-zero-day chain linked to a North American 'Night Eagle' threat actor. We dissect the technical bread-crumbs, questions the attribution math, and connects Houken to SentinelOne’s “Purple Haze” research. Plus, the FBI’s claim that China’s “Salt Typhoon” has been “contained,” Iran’s Nobitex crypto-exchange breach (Predatory Sparrow torches $90 million and leaks the source code), Iranian cyber capabilities and sanctions avoidance. Cast: Juan Andres Guerrero-Saade , Ryan Naraine and Costin Raiu . Links: Transcript (unedited, AI-generated) Houken: Seeking a path by living on the edge with zero-days China-nexus APTs recon on top-tier targets French cybersecurity agency confirms government affected by Ivanti hacks Top FBI cyber official: Salt Typhoon ‘largely contained’ Operation Blockbuster (Novetta) Israel-Iran cyberwar: Predatory Sparrow, vanishing crypto, bank hacks Inside the Nobitex Breach: What the Leaked Source Code Reveals About Iran’s Crypto Infrastructure cisagov/thorium…
1 Israel-Iran cyberwar: Predatory Sparrow, vanishing crypto, destructive bank hacks 3:07:13
3:07:13 Play Later Play Later Lists Like Liked3:07:13
Play Later Play Later Lists Like LikedThree Buddy Problem - Episode 51 : Former Immunity/Trail of Bits researcher Hamid Kashfi joins the buddies for a fast-moving tour of cyber activities in the Israel-Iran war. The crew unpacks who 'Predatory Sparrow' is, why Sepah Bank and the Nobitex crypto exchange were hit, and what a $90 million cryptocurrency burn really means. Plus, radar-blinding cyberattacks that paved the way for Israel’s air raid, the human cost of sudden ATM outages and unpaid salaries, and the puzzling “Code Breakers” data leak that preceded it all. Hamid shares on-the-ground context, the buddies debate whether cyber operations can sway a shooting war, and everyone tries to gauge Iran’s true offensive muscle under sanctions. Cast: Hamid Kashfi , Juan Andres Guerrero-Saade , Ryan Naraine and Costin Raiu . Links: Transcript (unedited, AI-generated) Pro-Israel hackers take credit for cyberattack on Iran's Bank Sepah Predatory Sparrow Burns $90 Million on Iranian Crypto Exchange in Cyber Shadow War Codebreakers and Predatory Sparrow Iranian Exchange Nobitex: The $90M Exploit Iranian newspaper: Defense system was hacked Iranian state TV shows footage of Israeli drone Temple of Oats: Iran’s Hidden Hand in Middle Eastern Networks Israeli Officials Warn Iran Is Hijacking Security Cameras to Spy LABScon - Security Research in Real Time Three Buddy Problem LIVE Hamid Kashfi: The curious case of Predatory Sparrow Glasshouse episode with Hamid Kashfi…
1 Cyber flashpoints in Israel-Iran war, the 'magnet of threats', Mossad drone swarms 1:51:48
1:51:48 Play Later Play Later Lists Like Liked1:51:48
Play Later Play Later Lists Like LikedThree Buddy Problem - Episode 50 : This week, we dissect cyber flashpoints in the Iran-Israel war, revisit the “magnet of threats” server in Iran that attracted APTs from multiple nation-states, and react to Israel's Mossad sneaking explosive drone swarms deep into Iran to support airstrikes. Plus, Stealth Falcon’s new WebDAV zero-day, SentinelOne’s brush with Chinese APTs, Citizen Lab’s forensic takedown of Paragon’s iPhone spyware, and the sneaky Meta/Yandex trick that links Android web browsing to app IDs. Cast: Juan Andres Guerrero-Saade , Ryan Naraine and Costin Raiu . Links: Transcript (unedited, AI-generated) Israel-Iran war breaks out 'The magnet of threats' Mossad set up drone swarm base in Iran Stealth Falcon's Exploit of Microsoft Zero Day CVE-2025-33053 - WebDAV remote code execution CISA, Microsoft warn of Windows zero-day China-nexus Threat actors target SentinelOne Chinese Espionage Crews Circle SentinelOne Citizen Lab: First Forensic Confirmation of Paragon’s iOS Mercenary Spyware Finds Journalists Targeted - The Citizen Lab Meta and Yandex are de-anonymizing Android users’ web browsing identifiers Dreadnode Offensive AI Conference LABScon Call for Papers…
1 Mikko Hypponen talks drone warfare, APT naming schemes 1:29:04
1:29:04 Play Later Play Later Lists Like Liked1:29:04
Play Later Play Later Lists Like LikedThree Buddy Problem - Episode 49 : Cybersecurity veteran Mikko Hypponen joins the show to discuss the fast-changing life and times on NATO’s newest frontline, how Ukraine’s long-range “Spiderweb” drone swarms punched holes in Russian air bases, the cyber connections to the escalating drone warfare, and the coming wave of autonomous “killer robots”. Plus, news on Ukraine’s hack of bomber-maker Tupolev, the industry’s never-ending APT naming mess, iVerify’s newly disclosed iMessage zero-click bug, fresh Qualcomm GPU exploits still unpatched on Android devices, and Cellebrite’s purchase of Corellium. Cast: Ryan Naraine , Costin Raiu and Mikko Hypponen Juan Andres Guerrero-Saade is out this week at Sleuthcon. Links: Transcript (unedited, AI-generated) Mikko Hyppönen pivots from infosec to drones inspired by war Mikko Hypponen Leaves Anti-Malware Industry to Fight Against Drones Anti-drone system | Sensofusion Ukraine's military intelligence claims cyberattack on Russian strategic bomber maker How Microsoft names threat actors CrowdStrike and Microsoft Unite to Deconflict Cyber Threat Attribution Qualcomm GPU driver 0days (exploitation detected) Chrome 0day exploited in the wild iVerify documents 'Nickname' iMessage exploitation Cellebrite to acquire mobile testing firm Corellium Hacker Chris Wade reveals the story of his presidential pardon, US government collaboration…
1 The dark hole of 'friendlies' and Western APTs 2:11:19
2:11:19 Play Later Play Later Lists Like Liked2:11:19
Play Later Play Later Lists Like LikedThree Buddy Problem - Episode 48 : We unpack a Dutch intelligence agencies report on ‘Laundry Bear’ and Microsoft’s parallel ‘Void Blizzard’ write-up, finding major gaps and bemoaning the absence of IOCs. Plus, discussion on why threat-intel naming is so messy, how initial-access brokers are powering even nation-state break-ins, and whether customers (or vendors) are to blame for the confusion. Plus, thoughts on an academic paper on the vanishing art of Western companies exposing Western (friendly) APT operations, debate whether stealth or self-censorship is to blame, and the long-tail effects on cyber paleontology. We also dig into Sean Heelan’s proof that OpenAI’s new reasoning model can spot a Linux kernel 0-day and the implications for humans in the bug-hunting chain. Cast: Juan Andres Guerrero-Saade , Ryan Naraine and Costin Raiu . Links: Transcript (unedited, AI-generated) Dutch intelligence agency outs 'Laundry Bear' Russian APT Russian gov hackers buying passwords from cybercriminals Microsoft: Russian actor Void Blizzard targets critical sectors for espionage Censys data on AyySSHush ASUS router botnet Czech Republic statement on Chinese hack Czech gov condemns Chinese hack on critical infrastructure NATO floats cybersecurity included in new spending target Mark your Google Calendar: APT41 innovative tactics The rise of responsible behavior: Western commercial reports on Western cyber threat actors How I used o3 to find CVE-2025-37899, a remote zeroday vulnerability in the Linux kernel’s SMB implementation ASUS Botnet Tracker CISA: Logging Made Easy (LME)…
1 Russia hacks Ukraine war supply lines, Signal blocks Windows screenshots, BadSuccessor vuln disclosure debate 2:30:37
2:30:37 Play Later Play Later Lists Like Liked2:30:37
Play Later Play Later Lists Like LikedThree Buddy Problem - Episode 47 : We unpack a multi-agency report on Russia’s APT28/Fancy Bear hacking and spying on Ukraine war supply lines, CISA’s sloppy YARA rules riddled with false positives, the ethics of full-disclosure after Akamai dropped Windows Server “BadSuccessor” exploit details, and Sekoia’s discovery of thousands of hijacked edge devices repurposed as honeypots. The back half veers into Microsoft’s resurrected Windows Recall, Signal’s new screenshot-blocking countermeasure, Japan’s fresh legal mandate for pre-emptive cyber strikes, and why appliance vendors like Ivanti keep landing in the headlines. Along the way you get hot takes on techno-feudalism, Johnny Ive’s rumored AI gadget, and a lively debate over whether publishing exploit code ever helps defenders. Cast: Juan Andres Guerrero-Saade , Ryan Naraine and Costin Raiu . Links: Transcript (unedited, AI-generated) Russian hackers hitting logistics companies supplying Ukraine CISA says Russian hackers targeting Ukraine war supply lines ViciousTrap: Turning edge devices into honeypots BadSuccessor: Abusing dMSA to escalate privileges in Active Directory Signal adds anti-screenshot to thwart Windows Recall Controversial Windows Recall gets security makeover Microsoft's International Criminal Court blockade Japan enacts active cyberdefense law UAE recruiting US personnel Displaced by DOGE…
1 A Coinbase breach with bribes, rogue contractors and a $20M ransom demand 2:23:34
2:23:34 Play Later Play Later Lists Like Liked2:23:34
Play Later Play Later Lists Like LikedThree Buddy Problem - Episode 46 : We dig into a Coinbase breach headlined by bribes, rogue contractors and a $20 million ransom demand. Plus, (another!) batch of Ivanti and Microsoft zero-days being exploited in the wild, a new 'Intrusion Logging' feature coming to Android, Apple's iOS 18.5 patches, and the EU announcing its own vulnerability database and software vendor secure-coding pledge. Cast: Juan Andres Guerrero-Saade , Ryan Naraine and Costin Raiu . Links: Transcript (unedited, AI-generated) Coinbase on $20m ransom demand SEC filing on Coinbase breach Coinbase Rogue Contractors Bribed to Leak Customer Data Ivanti 0day exploit chain (CVE-2025-4427 and CVE-2025-4428) Watchtowr blog on new Ivanti 0days CISA Known Exploited Vulnerabilities (KEV) 'Advanced Protection' comes to Android 16 Europe launches it own vulnerability database…
1 JAGS keynote: The intricacies of wartime cyber threat intelligence 31:07
31:07 Play Later Play Later Lists Like Liked31:07
Play Later Play Later Lists Like LikedThree Buddy Problem - Episode 45 : (The buddies are trapped in timezone hell with cross-continent travel this week). In the meantime, absorb this keynote presented by Juan Andres Guerrero-Saade (JAG-S) at CounterThreats 2023. It's a frank discussion on the role of cyber threat intelligence (CTI) during wartime and its importance in bridging information gaps between adversaries. Includes talk on the ethical challenges in CTI, questioning the impact of intelligence-sharing and how cyber operations affect real-world conflicts. He pointed to Ukraine and Israel as examples where CTI plays a critical, yet complicated, role. His message: cybersecurity pros need to be aware of the real-world consequences of their work and the ethical responsibility that comes with it. Acknowledgment: Credit for the audio goes to CyberThreat 2023, SANS Institute, NCSC, and SentinelOne. Cast: Juan Andres Guerrero-Saade , Ryan Naraine and Costin Raiu . Links: Keynote transcript The ethics and perils of APT research Recommended Talks The Lost APT Reports…
1 Signalgate redux, OpenAI's Aardvark, normalizing cyber offense 2:38:40
2:38:40 Play Later Play Later Lists Like Liked2:38:40
Play Later Play Later Lists Like LikedThree Buddy Problem - Episode 44 : We unpack news that US government officials are using an obscure app to archive Signal messages, OpenAI’s new “Aardvark” code-evaluation and reasoning model and leapfrog implications, NSC cyber lead Alexei Bulazel on normalizing US offensive operations, and JP Morgan Chase CISO’s warning to software vendors. Plus, fresh SentinelOne threat-intel notes, France’s attribution of GRU activity and a head-scratching $330 million Bitcoin heist. Cast: Juan Andres Guerrero-Saade , Ryan Naraine and Costin Raiu . Links: Transcript (unedited, AI-generated) US government using obscure app to archive Signal messages Reuters photo of Mike Waltz phone US revokes Romania visa waiver program OpenSSH bug found by OpenAI 'Aardvark' JP Morgan Chase CISO: An open letter to third-party suppliers JPMorgan Chase CISO Fires Warning Shot Ahead of RSA Conference SentinelOne LABS on DPRK threat actor targeting Alexei Bulazel comments at RSA conference Google report on 0day exploitation in 2024 Apple notifies new victims of spyware attacks across the world France attributes cyberattacks to Russia's military intelligence RT-Solar on ViPNet backdoor from 2021 Kaspersky: Sophisticated backdoor mimicking secure networking software updates $330m Bitcoin heist…
1 Thomas Rid joins the show: AI consciousness, TP-Link's China connection, trust in hardware security 1:33:42
1:33:42 Play Later Play Later Lists Like Liked1:33:42
Play Later Play Later Lists Like LikedThree Buddy Problem - Episode 43 : Director of the Alperovitch Institute for Cybersecurity Studies Thomas Rid joins the show for a deep-dive into the philosophical and ethical considerations surrounding AI consciousness and anthropomorphism. We dig into the multifaceted implications of AI technology, particularly focusing on data privacy, national security, and the philosophical questions surrounding AI consciousness and rights. Plus, TP-Link under US government investigation and the broader issues of consumer trust in hardware security, the need for regulation and inspectability of technology, and the struggles with patching network devices. Cast: Thomas Rid , Juan Andres Guerrero-Saade and Ryan Naraine . Costin Raiu is away this week. Links: Transcript (unedited, AI-generated) Anthropic: Exploring AI model welfare, consciousness David Chalmers: Taking AI Welfare Seriously Sam Altman: AI privacy safeguards can’t be established before ‘problems emerge’ TP-Link router pricing and China ties under US gov probe Bloomberg: TP-Link’s US Future Hinges on Claimed Split From China Verizon DBIR 2015 (full report) Mandiant M-Trends 2025 Report FBI seeking tips about China's 'Salt Typhoon' hackers North Korean Cryptocurrency Thieves Caught Hijacking Zoom ‘Remote Control’ Feature Dan Geer on the realpolitik of cybersecurity LABScon 2025 CFP is open Ransom War by Max Smeets…
1 China doxxes NSA, CVE's funding crisis, Apple's zero-day troubles 1:39:19
1:39:19 Play Later Play Later Lists Like Liked1:39:19
Play Later Play Later Lists Like LikedThree Buddy Problem - Episode 42 : We dig into news that China secretly fessed up to the Volt Typhoon hacks and followed up with claims that named NSA agents launched advanced cyberattacks against the Asian Winter Games. Plus, the MITRE CVE funding crisis, new Apple 0days in the wild includes PAC bypass exploit, Microsoft Patch Tuesday zero-days. Plus, the effectiveness of Lockdown Mode, the rising costs of mobile exploits, Chris Krebs' exit from SentinelOne after a presidential executive order, and the value and effectiveness of security clearances. Cast: Juan Andres Guerrero-Saade , Costin Raiu and Ryan Naraine . Links: Transcript (unedited, AI-generated) China names alleged NSA cyberattack agents WSJ: In Secret Meeting, China Acknowledged Role in U.S. Infrastructure Hacks Apple Quashes Two Zero-Days With iOS, MacOS Patches Apple bulletin - iOS 18.4.1 Security Vulnerabilities Android zero-days documented MITRE CVE Program Gets Last-Hour Funding Reprieve NIST Still Struggling to Clear Vulnerability Submissions Backlog in NVD EU issues US-bound staff with burner phones to avoid espionage Exploitation of CLFS zero-day leads to ransomware Google announces Sec-Gemini v1 cybersecurity model…
1 NSA director fired, Ivanti's 0day screw-up, backdoor in robot dogs 1:36:57
1:36:57 Play Later Play Later Lists Like Liked1:36:57
Play Later Play Later Lists Like LikedThree Buddy Problem - Episode 41 : Costin and Juanito join the show from Black Hat Asia in Singapore. We discuss Bunnie Huang's keynote on hardware supply chains and a classification system to establish a grounded perspective on trust in hardware, Ivanti's misdiagnosis of a critical VPN applicance flaw and Mandiant reporting on a Chinese APT exploiting Ivanti devices. Plus, breaking news on the sudden firing of NSA director and head of Cyber Command Tim Haugh. We also discuss Microsoft touting AI's value in finding open-source bootloader bugs, Silent Push report on a RUssian APT impersonating the CIA, a backdoor in a popular Chinese robot dog, and Chinese dominance of the robotics market. Cast: Juan Andres Guerrero-Saade , Costin Raiu and Ryan Naraine . Links: Transcript (unedited, AI-generated) National Security Agency chief ousted after far-right activist urged his removal Mandiant: China-Nexus Threat Actor Actively Exploiting Critical Ivanti Connect Secure Vulnerability Ivanti security bulletin (CVE-2025-22457) Chinese APT exploits misdiagnosed RCE in Ivanti VPNs Another exploited 0day in Apple iOS Android version of Lockdown Mode coming Microsoft: Using AI to find open-source bootloader flaws Indiana University cybersecurity "safe" after FBI home searches Silent Push: Russians impersonate CIA to target Ukraine sympathizers Unitree Go1 robot dog backdoor documentation America is missing in the robotics race Automated AI Reverse Engineering with MCP for IDA and Ghidra Bunny Huang: Perspectives on trust in hardware supply chains…
1 Signalgate and ID management hiccups, PuzzleMaker and Chrome 0days, Lab Dookhtegan returns 1:52:34
1:52:34 Play Later Play Later Lists Like Liked1:52:34
Play Later Play Later Lists Like LikedThree Buddy Problem - Episode 40 : On the show this week, we look at the technical deficiencies and opsec concerns around the use of Signal for ultra-sensitive communications. Plus, some speculation on who's behind Kaspersky’s ‘Operation Forum Troll’ report, Chinese discussion on NSA/CIA mobile networks exploitation, and the return of ‘Lab Dookhtegan’ hack-and-leak exposures. Cast: Juan Andres Guerrero-Saade , Costin Raiu and Ryan Naraine . Links: Transcript (unedited, AI-generated) The Atlantic: The Trump admin accidentally texted me its war plans The Atlantic: Here are the attack plans shared on Signal Signal statement on SignalGate Our experts separate Signal from noise in the Trump team group chat Operation ForumTroll exploits zero-days in Google Chrome PuzzleMaker attacks with Chrome zero-day exploit chain Ten most mysterious APT campaigns that remain unattributed Operation FishMedley linked to i-SOON Chinese gov agency on mobile attacks by US intel agencies LabDookhtegan Telegram channel Tornado Cash sanctions removed Intrusion Truth Lab Dookhtegan archives on CyberScoop…
T
Three Buddy Problem
1 China exposing Taiwan hacks, Paragon spyware and WhatsApp exploits, CISA budget cuts 1:56:22
1:56:22 Play Later Play Later Lists Like Liked1:56:22
Play Later Play Later Lists Like LikedThree Buddy Problem - Episode 39 : Luta Security CEO Katie Moussouris joins the buddies to parse news around a coordinated Chinese exposure of Taiwan APT actors, CitizenLab's report on Paragon spyware and WhatsApp exploits, an “official” Russian government exploit-buying operation shopping for Telegram exploits, the fragmentation of exploit markets and the future of CISA in the face of budget cuts and layoffs. Cast: Katie Moussouris , Juan Andres Guerrero-Saade , Costin Raiu and Ryan Naraine . Links: Transcript (unedited, AI-generated) China's MSS discloses Taiwan APTs Antiy report Taiwan's "Green Spot" attack group Citizen Lab on Paragon’s Proliferating Spyware Operations Operation Zero wants Telegram 1-click RCE exploits Operation Zero 0day Vulnerability Platform GitHub Action supply chain attack Blast radius of GitHub Action supply chain attack Windows .lnk shortcut exploit abused as zero-day Sean Plankey nominated to lead CISA Trump admin halts funding for two cybersecurity efforts CISA publishes Jen Easterley's calendars CISA statement on 'red-team' layoff reports…
T
Three Buddy Problem
1 A half-dozen Microsoft zero-days, Juniper router backdoors, advanced bootkit hunting 2:05:43
2:05:43 Play Later Play Later Lists Like Liked2:05:43
Play Later Play Later Lists Like LikedThree Buddy Problem - Episode 38 : On the show this week, we look at a hefty batch of Microsoft zero-days exploited in the wild, iOS 18.3.2 fixing an exploited WebKit bug, a mysterious Unpatched.ai being credited with Microsoft Access RCE flaws, and OpenAI lobbying for the US to ban China's DeepSeek. Plus, discussion on a Binarly technical paper with new approach to finding UEFI bootkits, Mandiant flagging custom backdoors on Juniper routers, and MEV 'sandwich attacks' front-running cryptocurrency transactions. Cast: Juan Andres Guerrero-Saade , Costin Raiu and Ryan Naraine . Links: Transcript (unedited, AI-generated) Microsoft Flags Six Active Zero-Days, Patches 57 Flaws Unpatched.ai discoveries Apple Ships iOS 18.3.2 to Fix Already-Exploited WebKit Flaw Apple iOS 18.3.2 and iPadOS 18.3.2 documentation Citizen Lab: Predator in the wires FreeType Zero-Day Being Exploited in the Wild CVE-2020-15999: FreeType Heap Buffer Overflow Mandiant : Ghost in the Juniper router Jun OS out-of-cycle security bulletin (CVE-2025-21590) Juniper Malware Removal Tool Binarly: UEFI Bootkit Hunting -- In-Depth Search for Unique Code Behavior Crypto Trader Loses $215,000 in MEV Sandwich Attack on Uniswap The Secretive World Of MEV, Where Bots Front-Run Crypto Investors For Big Profits Reuters journalist Raphael Satter loses overseas citizenship Yanis Varoufakis: Trump’s tariff chaos explained Technofeudalism: What Killed Capitalism (Yanis Varoufakis)…
T
Three Buddy Problem
1 Revisiting the Lamberts, i-Soon indictments, VMware zero-days 1:39:32
1:39:32 Play Later Play Later Lists Like Liked1:39:32
Play Later Play Later Lists Like LikedThree Buddy Problem - Episode 37 : This week, we revisit the public reporting on a US/Russia cyber stand down order, CISA declaring no change to its position on tracking Russian threats, and the high-level diplomatic optics at play. Plus, a dissection of ‘The Lamberts’ APT and connections to US intelligence agencies, attribution around ‘Operation Triangulation’ and the lack of recent visibility into these actors. We also discuss a fresh batch of VMware zero-days, China’s i-Soon ‘hackers-for-hire’ indictments, the Pangu/i-Soon connection, and a new wave of Apple threat-intel warnings about mercenary spyware infections. Cast: Juan Andres Guerrero-Saade , Costin Raiu and Ryan Naraine . Links: Transcript (unedited, AI-generated) Kim Zetter: Did Trump admin order a stand-down on Russia? Unraveling the Lamberts Toolkit (Securelist) VB2019: King of the hill: nation-state counterintelligence for victim deconfliction VB2018: Draw me like one of your French APTs Symantec: Who is Longhorn? VMware: Three new zero-days exploited Broadcom patches 3 VMware zero-days exploited in the wild DOJ indictments: i-Soon hackers for hire and APT27 Unmasking I-Soon Catalan court orders former NSO Group execs be indicted for spyware abuses Apple sending 'mercenary spyware' threat notifications How Social Engineering Sparked a Billion-Dollar Supply Chain Cryptocurrency Heist Safe{Wallet] post-mortem on ByBit $1.4B crypto heist…
T
Three Buddy Problem
1 Lazarus ByBit $1.4B heist was supply chain attack on developer 1:53:22
1:53:22 Play Later Play Later Lists Like Liked1:53:22
Play Later Play Later Lists Like LikedThree Buddy Problem - Episode 36 : Ryan and Juanito join the show from the RE//verse conference with discussion on Natalie Silvanovic’s keynote on hunting for bugs in mobile messengers, the thrill of looking at exposed attack surfaces and the grueling “losses” bug hunters endure before a breakthrough. We also cover the latest on the $1.4 billion ByBit hack pinned on the Lazarus Group and the malicious JavaScript supply chain attack at the center of the cryptocurrency heist. Plus, the ethical gray zones of tethered exploits via Cellebrite, the whiplash of AI-driven threat intel, and the looming pivot in U.S. cyber policy signaling a stand-down on Russia-focused ops. Cast: Juan Andres Guerrero-Saade , Costin Raiu and Ryan Naraine . Links: Transcript (unedited, AI-generated) RE//verse Conference FBI Says North Korea Hacked Bybit as Details of $1.5B Heist Emerge FBI alert on $1.5b crypto heist CISA report on TraderTraitor Bybit launches bug bounty program Lazarus Bounty Cellebrite zero-day exploit used to target phone of Serbian student activist Trump administration retreats in fight against Russian cyber threats Hegseth orders Cyber Command to stand down on Russia planning…
T
Three Buddy Problem
1 North Korea's biggest ever crypto heist: $1.4B stolen from Bybit 2:07:07
2:07:07 Play Later Play Later Lists Like Liked2:07:07
Play Later Play Later Lists Like LikedThree Buddy Problem - Episode 35 : Juanito is live from DistrictCon with notes on discussion of an elusive iOS zero-day by a company called QuaDream and Apple’s controversial removal of iCloud backup end-to-end encryption in the UK. We also cover a staggering $1.4 billion hack by the Lazarus Group against Bybit, new angles in NSA-linked cyber-espionage against China’s top universities, Chinese hacking gangs moonlighting as ransomware criminals, and Russian APTs abusing Signal’s “linked devices” feature. Plus, Costin explains Microsoft’s quantum computing breakthrough. Cast: Juan Andres Guerrero-Saade , Costin Raiu and Ryan Naraine . Links: Transcript (unedited, AI-generated) DistrictCon: Dissecting a QuaDream iOS zero-day Unpacking the UK government's secret iCloud backdoor demand U.K. orders Apple to let it spy on users’ encrypted accounts Apple Pulls Advanced Data Protection for New UK Users Amid Backdoor Demand Bybit Sees Over $4 Billion ‘Bank Run’ After Crypto’s Biggest Hack ByBit CEO explains crypto heist iVerify on Pegasus infections Is there a Pangu Team/i-SOON connection? Russian hackers actively targeting Signal Messenger How Russian APTs abuse Signal 'linked devices' for real-time spying Cisco Talos: In the midst of a Typhoon Satya Nadella: Reflections on a quantum computing breakthrough Taiwan wants to ban Fortinet, Zoom Pangu Team Bvp47 report…
T
Three Buddy Problem
1 An 'extremely sophisticated' iPhone hack; Google flags major AMD microcode bug 1:25:12
1:25:12 Play Later Play Later Lists Like Liked1:25:12
Play Later Play Later Lists Like LikedThree Buddy Problem - Episode 34 : We dig into the latest exploited Apple iPhone zero-day (USB Restricted Mode bypass), an AMD microcode flaw so serious it’s not being fully disclosed, a barrage of Patch Tuesday updates, the helpless nature of trying to defend corporate networks, Russian threat actor movements, and fresh intel from Rapid7, Volexity, and Microsoft. Cast: Juan Andres Guerrero-Saade , Costin Raiu and Ryan Naraine . Links: Transcript (unedited, AI-generated) Apple iOS 18.3.1 zero-day bulletin Apple Says iPhone USB Restricted Mode Exploited in ‘Extremely Sophisticated’ Attack Quarkslab: Analysis of USB Restricted Mode bypass (CVE-2025-24200) ZDI Patch Tuesday recap (exploited Windows 0days) The BadPilot campaign (Seashell Blizzard subgroup) Rapid7 on PostgreSQL zero-day linked to BeyondTrust 0days PostgreSQL 0day advisory (CVE-2025-1094) Google partial disclosure of high-risk flaw in AMD microcode AMD SEV Confidential Computing Vulnerability (CVE-2024-56161) Fortinet documents another exploited 0day Storm-2372 conducts device code phishing campaign CrowdStrike on malware naming schemes…
T
Three Buddy Problem
1 Unpacking the UK government's secret iCloud backdoor demand 2:22:42
2:22:42 Play Later Play Later Lists Like Liked2:22:42
Play Later Play Later Lists Like LikedThree Buddy Problem - Episode 33 : In this episode, we unpack the UK government's secret push for backdoor access to encrypted iCloud data, Apple’s approach to iCloud encryption, and the broader implications for privacy and security on a global scale. Plus, how security agencies handle zero-day vulnerabilities, surveillance spyware and mercenary hacking, and TikTok-powered election disinformation and interference. From wormable exploits like Eternal Bue to the realities of AI-based spying, the episode offers a detailed look into how government oversight, private sector collaboration, and shifting market forces have reshaped the way we think about cybersecurity. Cast: Juan Andres Guerrero-Saade , Costin Raiu and Ryan Naraine . Links: Transcript (unedited, AI-generated) UK orders Apple to let it spy on users’ iCloud data How to turn on Advanced Data Protection for iCloud Kim Zetter: US government disclosed 39 zero-days in 2023 CISA alert on Trimble zero-day exploitation France VIGINUM report on foreign digital election interference…
T
Three Buddy Problem
1 Inside the DeepSeek AI existential crisis, Chinese 'backdoor' in medical devices 2:19:44
2:19:44 Play Later Play Later Lists Like Liked2:19:44
Play Later Play Later Lists Like LikedThree Buddy Problem - Episode 32 : In this episode, we rummage through the DeepSeek hype and break down what makes it different from OpenAI’s models, why it’s stirring up existential controversies, and what it means for the broader tech landscape. We get into the privacy concerns, the geo-political implications, how AI models handle data, the ongoing debate over IP theft and innovation, and the challenges that come with a Chinese company shipping an open-source alternative. Beyond AI, we dig into some of the latest headlines; from a Chinese ‘backdoor’ in medical devices, problems with CISA’s backdoor bulletin, the risks of insecure IoT, phishing attacks on influencers, and ongoing battles over censorship in the VPN space. We also touch on WhatsApp catching spyware vendor Paragon Solutions and potential shifts in U.S. government policy on commercial mercenary hacking and surveillance companies. Cast: Juan Andres Guerrero-Saade , Costin Raiu and Ryan Naraine . Links: Transcript (unedited, AI-generated) DeepSeek Privacy Policy White House evaluates effect of China AI app DeepSeek on national security Why ‘Distillation’ Has Become the Scariest Word for AI Companies Microsoft Probing If DeepSeek-Linked Group Improperly Obtained OpenAI Data U.S. Navy bans use of DeepSeek AI Wiz Research Uncovers Exposed DeepSeek Database Leaking Sensitive Information ScatterBrain: Unmasking the Shadow of PoisonPlug's Obfuscator ScatterBrain: Deobfuscation library for PoisionPlug.SHADOW's ScatterBrain obfuscator CISA, FDA Warn of Dangerous Backdoor in Contec Patient Monitors CISA advisory: Contec CMS8000 contains a backdoor Contec CMS 8000 product manual NordVPN NordWhisper WhatsApp: Spyware company Paragon targeted users in two dozen countries X Phishing Campaign Targeting High Profile Accounts, Promoting Crypto Scams LABScon24: Follow the Money -- CCP’s Ownership of Firms Investing in the USA (Elly Rostoum) Binarly Post-Quantum Readiness Technology…
T
Three Buddy Problem
1 Death of the CSRB, zero-days storms at the edge, Juniper router backdoors 1:48:59
1:48:59 Play Later Play Later Lists Like Liked1:48:59
Play Later Play Later Lists Like LikedThree Buddy Problem - Episode 31 : Dennis Fisher steps in for Ryan Naraine to moderate discussion on a very busy week in cybersecurity. The cast dig into the wave of big research reports, the disbanding of the Cyber Safety Review Board (CSRB), the ongoing flood of exploits targeting security appliances from Ivanti and SonicWall, and the recent Lumen research on Juniper router backdoors. Plus, the challenges of coordinating disclosures, the tough realities of intelligence work, and the complex landscape of nation-state attacks -- especially around Chinese threat actors and Western defenses. Cast: Juan Andres Guerrero-Saade , Costin Raiu and Dennis Fisher. Ryan Naraine in on work travel. Links: Transcript (unedited, AI-generated) DHS Disbands Cyber Safety Review Board, Ending One of CISA’s Few Bright Spots CSRB report on Microsoft Exchange Online Intrusion Senator Ron Wyden on CSRB disbandment CISA CSRB: good riddance Threat Actors Chained Vulnerabilities in Ivanti Cloud Service Applications SonicWall confirms new 0day exploited in the wild The J-Magic Show: Magic Packets and Where to Find Them…
T
Three Buddy Problem
1 Inside the PlugX malware removal operation, CISA takes victory lap and another Fortinet 0day 1:59:52
1:59:52 Play Later Play Later Lists Like Liked1:59:52
Play Later Play Later Lists Like LikedThree Buddy Problem - Episode 30 : We discuss French threat-intel Sekoia creating a portal to handle “sovereign disinfections” of the PlugX malware, CISA leadership taking a victory lap using the ‘Secure by Design’ pledge as a trophy, the new Biden cybersecurity Executive Order, another Fortinet zero-day, the TikTok ban and Ukrainian hackers targeting Russian companies. Cast: Juan Andres Guerrero-Saade , Costin Raiu and Ryan Naraine . Links: Transcript (unedited, AI-generated) Court-Authorized Operation Removes PlugX Malware from Over 4,200 Infected U.S. Computers PlugX removal affidavit Sekoia -- PlugX worm disinfection campaign Jen Easterly: Building a secure by Design ecosystem Trump zeroes in on Sean Plankey to lead CISA Sean Plankey bio Biden cybersecurity executive order Biden executive order aims to shore up US cyber defenses Gravy Analytics accused of negligence over location data breach Tracking the mobile trackers (Costin Raiu) - YouTube Russia's largest platform for state procurement hit by cyberattack from pro-Ukraine group New Star Blizzard spear-phishing campaign targets WhatsApp accounts UK proposes ransomware payment ban Fortinet authentication bypass zero-day Fortinet: Deep dive into a Linux rootkit malware Bernardo Quintero's new book on VirusTotal (Spanish-language)…
T
Three Buddy Problem
1 Hijacking .gov backdoors, Ivanti 0days and a Samsung 0-click vuln 1:48:21
1:48:21 Play Later Play Later Lists Like Liked1:48:21
Play Later Play Later Lists Like LikedThree Buddy Problem - Episode 29 : Another day, another Ivanti zero-day being exploited in the wild. Plus, China's strange response to Volt Typhoon attribution, Japan blames China for hacks, a Samsung 0-click vulnerability found by Project Zero, Kim Zetter's reporting on drone sightings and a nuclear scare. Plus, hijacking abandoned .gov backdoors and Ukrainian hacktivists wiping a major Russian ISP. Cast: Juan Andres Guerrero-Saade , Costin Raiu and Ryan Naraine . Links: Transcript (unedited, AI-generated) Ivanti Connect Secure zero-day advisory Mandiant report on new Ivanti zero-day China Daily responds to Volt Typhoon attribution Japan warns about Chinese 'MirrorFace' attacks Who is MirrorFace? Natalie Silvanovich on new Samsung 0-click Kim Zetter: Anatomy of a Nuclear Scare Backdooring .gov backdoors via $20 domains APT32 poisoning GitHub, targeting Chinese security pros Ukraine wipes Russian ISP Russian internet provider confirms network ‘destroyed’ by Ukrainian hackers Mullvad: Quantum-resistant tunnels on desktop VPN Fundraiser for Marc Rogers CNN: Amit Yoran has died at 54…
T
Three Buddy Problem
1 US Treasury hacked via BeyondTrust, MISP and the threat actor naming mess 1:49:16
1:49:16 Play Later Play Later Lists Like Liked1:49:16
Play Later Play Later Lists Like LikedThree Buddy Problem - Episode 28 : In this episode, we explore the ongoing challenges of threat actor naming in cybersecurity and the confusion caused by a lack of standardization, methodological inconsistencies and skewed, marketing-driven incentives. Plus, the US Treasury/BeyondTrust hack, the surge in 0day discoveries, a new variant of the Xdr33 CIA Hive malware, and exclusive new information on the Cyberhaven Chrome extension security incident. Cast: Juan Andres Guerrero-Saade , Costin Raiu and Ryan Naraine . Links: Transcript (unedited, AI-generated) BeyondTrust statement on hack investigation U.S. Treasury says it was hacked by China-backed actors Another Palo Alto 0day exploited in the wild US telcos say they've evicted Salt Typhoon Chinese hackers Google: What is BeyondCorp? Introducing the MISP Threat Actor Naming Standard MISP: Recommendations on Naming Threat Actors New variant of the CIA HIVE attack kit Xdr33 Variant Of CIA's HIVE Attack Kit Emerges Savvy Seahorse connection to Cyberhaven incident US sanctions China's Integrity Technology over Flax Typhoon hacks Operation Aurora APT1 Exposing One of China’s Cyber Espionage Units…
T
Three Buddy Problem
1 Palo Alto network edge device backdoor, Cyberhaven browser extension hack, 2024 research highlights 1:53:11
1:53:11 Play Later Play Later Lists Like Liked1:53:11
Play Later Play Later Lists Like LikedThree Buddy Problem - Episode 27 : We discuss the discovery of a Palo Alto network firewall attack and a stealthy network ed ge device backdoor (LITTLELAMB.WOOLTEA), the Cyberhaven hack and the shady world of browser extensions, and a look back at the top research projects that caught our attention in 2025. Cast: Juan Andres Guerrero-Saade , Costin Raiu and Ryan Naraine . Links: Transcript (unedited, AI-generated) LITTLELAMB.WOOLTEA: Stealthy Network Edge Device Backdoor Palo Alto: Operation Lunar Peek Investigating Ivanti Connect Secure VPN Exploitation and Persistence Attempts “A Digital Prison”: Surveillance and the suppression of civil society in Serbia Cyberhaven breach reported. Employee phished and pushed malicious chrome extension GRU 29155 doing cyber operations How a Group of Israel-Linked Hackers Has Pushed the Limits of Cyberwar Sophos Used Custom Implants to Surveil Chinese Hackers Targeting Firewall Zero-Days Operation MiddleFloor: Unmasking the Disinformation Campaign Targeting Moldova's National Elections NSPX30: A sophisticated AitM-enabled implant evolving since 2005 backdoor in upstream xz/liblzma leading to ssh server compromise PKfail: Untrusted Platform Keys Undermine Secure Boot on UEFI Ecosystem The Tech Coup - How to Save Democracy from Silicon Valley…
T
Three Buddy Problem
1 US government's VPN advice, dropping bombs on ransomware gangs 1:58:40
1:58:40 Play Later Play Later Lists Like Liked1:58:40
Play Later Play Later Lists Like LikedThree Buddy Problem - Episode 26 : We dive deep into the shadowy world of surveillance and cyber operations, unpacking Amnesty International's explosive report on NoviSpy, a previously unknown Android implant used against Serbian activists, and the links to Israeli forensics software vendor Cellebrite. Plus, thoughts on the US government’s controversial guidance on VPNs, Chinese reports on US intel agency hacking, TP-Link sanctions chatter, Mossad's dramatic exploding beeper operation and the ethical, legal, and security implications of escalating cyber-deterrence. Also, a mysterious BeyondTrust 0-day! Cast: Juan Andres Guerrero-Saade , Costin Raiu and Ryan Naraine . Links: Transcript (unedited, AI-generated) Surveillance and the suppression of civil society in Serbia CISA: VPN and mobile device security guidance Costin Raiu: Staying safe from Pegasus, Chrysaor and other APT mobile malware (2024 update) Bitsight: The Aftermath of the Kaspersky Ban US Probes China-Founded Router Maker TP-Link Rob Joyce: Move away from TP-Link China report on US intelligence corporate hacking Foreign hackers need to face real consequences Israel's Mossad spent years orchestrating Hezbollah pager plot BeyondTrust 0day Sophos Firewall CVSS 9.8 bulletin…
T
Three Buddy Problem
1 Surveillance economics, Turla and Careto, and the AI screenshots nobody asked for 2:14:07
2:14:07 Play Later Play Later Lists Like Liked2:14:07
Play Later Play Later Lists Like LikedThree Buddy Problem - Episode 25 : An update on Romania’s cancelled election, the implications of TikTok on democratic processes, and the broader issues around surveillance capitalism and micro-targeting. Plus, news on Turla piggybacking on cybercriminal malware to hit Ukraine, the return of Careto and the absence of IOCs, Claroty report on an Iran-linked cyberweapon targeting critical infrastructure, ethical considerations in cyberwarfare, and the implications of quantum computing on security and cryptocurrencies. Cast: Juan Andres Guerrero-Saade , Costin Raiu and Ryan Naraine . Links: Transcript (unedited, AI-generated) Turla using tools of other groups to attack Ukraine (Microsoft) EpicTurla.com: The lost reports Microsoft Recall screenshots credit cards and SSNs Stephan Casas: macOS applications quietly capturing screenshots CVE-2024-49138 - MS 0day exploited in the wild Sanctions hit Chinese company behind Sophos 0day attack SentinelLabs: Operation Digital Eye Careto APT’s recent attacks discovered Claroty: Inside a New OT/IoT cyberweapon Predatory Sparrow: cyber sabotage with a conscience? Willow, Google's state-of-the-art quantum chip What sucks in security? Research findings from 50+ security leaders…
T
Three Buddy Problem
1 Inside the Turla Playbook: Hijacking APTs and fourth-party espionage 1:47:08
1:47:08 Play Later Play Later Lists Like Liked1:47:08
Play Later Play Later Lists Like LikedThree Buddy Problem - Episode 24 : In this episode, we did into Lumen/Microsoft’s revelations on Russia's Turla APT stealing from a Pakistani APT, and issues around fourth-party espionage and problems with threat actor attribution. We also discuss Citizen Lab’s findings on Monokle-like spyware implanted by Russian authorities, the slow pace of Salt Typhoon disinfection, the Solana web3.js supply chain attack affecting crypto projects, and the Romanian election crisis over Russian interference via TikTok. Cast: Juan Andres Guerrero-Saade , Costin Raiu and Ryan Naraine . Links: Transcript (unedited, AI-generated) Russian APT Turla Caught Stealing From Pakistani APT Snowblind: The Invisible Hand of Secret Blizzard Microsoft: Secret Blizzard compromising Storm-0156 infrastructure for espionage | Microsoft Security Blog EpicTurla.com Device Confiscated by Russian Authorities Returned with Monokle-Type Spyware Lookout Security research paper on Monokle spyware Parubets: How a programmer foiled his own FSB recruitment CISA/FBI guidance to repel Salt Typhoon US officials say they still have not expelled Chinese telco hackers Solana backdoored in supply chain hack Romania's top court annuls first round of presidential vote won by far-right candidate…
T
Three Buddy Problem
1 Volexity’s Steven Adair on Russian Wi-Fi hacks, memory forensics, appliance 0days and network inspectability 1:18:33
1:18:33 Play Later Play Later Lists Like Liked1:18:33
Play Later Play Later Lists Like LikedThree Buddy Problem - Episode 23 : Volexity founder Steven Adair joins the show to explore the significance of memory analysis and the technical challenges associated with memory dumping and forensics. We dig into Volexity’s “nearest neighbor” Wi-Fi hack discovery, gaps in EDR detection and telemetry, and some real-talk on the Volt Typhoon intrusions. We also cover news on a Firefox zero-day exploited on the Tor browser, the professionalization of ransomware, ESET's discovery of a Linux bootkit (we have a scoop on the origins of this!), Binarly research on connections to LogoFAIL, and major visibility gaps in the firmware ecosystem. Cast: Juan Andres Guerrero-Saade (SentinelLabs), Costin Raiu (Art of Noh) and Ryan Naraine (SecurityWeek). Honorary buddy: Steven Adair (Volexity) Links: Transcript (unedited, AI-generated) Steven Adair on LinkedIn The Nearest Neighbor Wi-Fi Attack Detecting Compromise of Palo Alto Networks GlobalProtect Devices Volexity Catches Chinese Hackers Exploiting Ivanti VPN Zero-Days Volexity Warns of 'Active Exploitation' of Zimbra Zero-Day RomCom exploits Firefox and Windows zero days in the wild Bootkitty: Analyzing the first UEFI bootkit for Linux Binarly: LogoFAIL Exploited to Deploy Bootkitty T-Mobile statement on Salt Typhooon LABScon24 Replay -- Cristina Cifuentes…
T
Three Buddy Problem
1 Sid Trivedi on the RSA Innovation Sandbox $5 million investment gambit 1:01:12
1:01:12 Play Later Play Later Lists Like Liked1:01:12
Play Later Play Later Lists Like LikedEpisode sponsors: Binarly ( https://binarly.io ) Binary Risk Hunt ( https://risk.binarly.io ) In this reboot of the Security Conversations interview series, Foundation Capital partner Sid Trivedi weighs in on major changes to the RSA Innovation Sandbox, the mandatory $5M uncapped SAFE investment for all 10 finalists, and red-flag concerns around discounts and pro-rata rights. Also discussed: controversial pay-for-play dynamics involving CISOs and venture capital firms, ethical implications of CISOs taking advisory positions in startups, and the challenges of investing in seed-stage startups amidst a trend towards platformization. Links: RSA’s Innovation Sandbox: Cybersecurity Startups Must Accept $5 Million Investment RSA Innovation Sandbox: $50 Million Annual Investment Program for Top 10 Finalists RSA Conference - How do SAFEs work? This VC Built A Cybersecurity Unicorn Machine. Then Came A Conflict Of Interest Mess. The Gili Ra’anan model: CISOs and VCs controversy Sid Trivedi bio Foundation Capital…
T
Three Buddy Problem
1 Russian APT weaponized nearby Wi-Fi networks in DC, new macOS zero-days, DOJ v Chrome 1:28:22
1:28:22 Play Later Play Later Lists Like Liked1:28:22
Play Later Play Later Lists Like LikedThree Buddy Problem - Episode 22 : We discuss Volexity’s presentation on Russian APT operators hacking Wi-Fi networks in “nearest neighbor attacks,” the Chinese surveillance state and its impact on global security, the NSA's strange call for better data sharing on Salt Typhoon intrusions, and the failures of regulatory bodies to address cybersecurity risks. We also cover two new Apple zero-days being exploited in the wild, the US Government’s demand that Google sell the Chrome browser, and the value of data in the context of AI. Cast: Juan Andres Guerrero-Saade (SentinelLabs), Costin Raiu (Art of Noh) and Ryan Naraine (SecurityWeek). Links: Transcript - (unedited, AI-generated) Russian APT WiFI Nearest Neighbor Attack Russian Spies Jumped From One Network to Another Via Wi-Fi Advisory: New exploited Apple zero-days NSA Director Wants Industry to Disclose Details of Telecom Hacks Microsoft's "Free" Plan to Upgrade Government Cybersecurity Was Designed to Box Out Competitors and Drive Profits Microsoft accuses Google of 'Shadow Campaigns' DOJ calls for breakup of Google and sale of Chrome DPRK IT Workers -- A Network of Active Front Companies and Their Links to China Be careful when coding with ChatGPT GSM-Symbolic: Understanding the Limitations of Mathematical Reasoning in Large Language Models PIVOTcon 2025…
T
Three Buddy Problem
1 What happens to CISA now? Is deterrence in cyber possible? 1:53:51
1:53:51 Play Later Play Later Lists Like Liked1:53:51
Play Later Play Later Lists Like LikedThree Buddy Problem - Episode 21 : We dig into an incredible government report on Iranian hacking group Emennet Pasargad and tradecraft during the Israel/Hamas war, why Predatory Sparrow could have been aimed at deterrence in cyber, and the FBI/CISA public confirmation of the mysterious Salt Typhoon hacks. Plus, discussion on hina’s cyber capabilities, the narrative around “pre-positioning” for a Taiwan conflict, the blending of cyber and kinetic operations, and the long tail of Chinese researchers reporting Microsoft Windows vulnerabilities. The future of CISA is a recurring theme throughout this episode with some speculation about what happens to the agency under the Trump administration. Cast: Juan Andres Guerrero-Saade (SentinelLabs), Costin Raiu (Art of Noh) and Ryan Naraine (SecurityWeek). Links: Transcript (unedited, AI-generated) CISA/Israel gov report on Iranian hacking operations Check Point: A deep-dive of Iran's WezRat malware Trend Micro report on Earth Estries FBI/CISA on China hacking US telcos US accuses China of vast cyberespionage against telecoms Volt Typhoon hackers hit SingTel in Singapore New Palo Alto firewall 0day attack CVE-2024-43450 - China reports Windows DNS Spoofing vuln…
T
Three Buddy Problem
1 Mysterious rebooting iPhones, EDR vendors spying on hackers, Bitcoin 'meatspace' attacks 1:37:00
1:37:00 Play Later Play Later Lists Like Liked1:37:00
Play Later Play Later Lists Like LikedThree Buddy Problem - Episode 20 : We revisit the ‘hack-back’ debate, the threshold for spying on adversaries, Palo Alto watching EDR bypass research to track threat actors, hot nuggets in Project Zero’s Clem Lecinge’s Hexacon talk, Apple’s new iOS update rebooting iPhones in law enforcement custody, the mysterious GoblinRAT backdoor, and physical ‘meatspace’ Bitcoin attacks and more details on North Korean cryptocurrency theft. Cast: Juan Andres Guerrero-Saade (SentinelLabs), Costin Raiu (Art of Noh) and Ryan Naraine (SecurityWeek). Links: Transcript (unedited, AI-generated) iPhones mysteriously rebooting themselves Apple quietly ships iPhone reboot code FBI on China hacking US presidential campaigns iPhones Chinese hackers Targeted Phones of Trump, Vance, Harris Campaigns Palo Alto: EDR Bypass Testing Reveals Threat Actor's Toolkit Palo Alto CVE-2024-5910 marked as exploited Toronto crypto company CEO kidnapped A list of known 'meatspace' crypto attacks North Korea crypto thieves targets macOS…
T
Three Buddy Problem
1 The Sophos kernel implant, 'hack-back' implications, CIA malware in Venezuela 1:54:14
1:54:14 Play Later Play Later Lists Like Liked1:54:14
Play Later Play Later Lists Like LikedThree Buddy Problem - Episode 19 : We explore Ivan Kwiatkowski’s essay on the limits of threat intelligence, Sophos using kernel implants to surveil Chinese hackers, the concept of ‘hack-back’ and legal implications, geopolitical layers of cyber espionage, CIA malware in Venezuela, Vatican/Mossad mentioned in high-profile Italy hacks, and Canada bracing for .gov attacks from India. Cast: Juan Andres Guerrero-Saade (SentinelLabs), Costin Raiu (Art of Noh) and Ryan Naraine (SecurityWeek). Links: Transcript (unedited, AI-generated) Ivan Kwiatkowski: Threat intel truths inside JAG-S LABScon keynote Sophos Used Custom Implants to Surveil Chinese Hackers Sophos Pacific Rim report NCSC details ‘Pygmy Goat’ network backdoor NCSC 'Pygmy Goat' report Massive hack-for-hire scandal rocks Italian political elites – POLITICO Vatican, Israel implicated in Italy hacking scandal Wired on CIA hack of Venezuela military payroll system Is Now on VT!…
T
Three Buddy Problem
1 Fortinet 0days, Appin hack-for-hire exposé, crypto heists, Russians booted from Linux kernel 1:26:44
1:26:44 Play Later Play Later Lists Like Liked1:26:44
Play Later Play Later Lists Like LikedThree Buddy Problem - Episode 18 : This week’s show covers the White House's new Traffic Light Protocol (TLP) guidance, Reuters expose of Appin as a hack-for-hire mercenary company, Fortinet zero-day exploitation and missing CSRB investigations, major cryptocurrency heists, Apple opening Private Cloud Compute to public inspection, Russians removed from Linux kernel maintenance and China’s Antiy beefing with Sentinel One over APT reporting. Cast: Juan Andres Guerrero-Saade (SentinelLabs), Costin Raiu (Art of Noh) and Ryan Naraine (SecurityWeek). Links: Transcript (AI-generated) White House TLP guidance Applin -- How an Indian startup hacked the world Burning Zero Days: FortiJump FortiManager Flaw Mandiant on FortiManager Zero-Day Exploitation Fortinet bulletin on new 0day exploitation Radiant Capital $50M cryptocurrency theft DPRK's Lazarus steals cryptocurrency with decoy MOBA game Apple opens Private Cloud Compute to security inspection Russians booted from Linux kernel driver maintenance Antiy paper responding to SentinelOne…
T
Three Buddy Problem
1 ESET Israel wiper malware, China's Volt Typhoon response, Kaspersky sanctions and isolation 1:38:18
1:38:18 Play Later Play Later Lists Like Liked1:38:18
Play Later Play Later Lists Like LikedThree Buddy Problem - Episode 17 : News of a wiper malware attack in Israel implicating ESET, threats from wartime hacktivists, China's strange response to Volt Typhoon attribution and Section 702 messaging, an IE zero-day discovery and web browser rot in South Korea, the ongoing isolation of Kaspersky due to sanctions, and the geopolitical influences affecting cybersecurity reporting. Cast: Juan Andres Guerrero-Saade (SentinelLabs), Costin Raiu (Art of Noh) and Ryan Naraine (SecurityWeek). Links: ESET Israel wiper attacks ESET comment on Israel wiper incident Dakota Cary on China’s Volt Typhoon Influence Ops Volt Typhoon III (PDF) US Sanctions 12 Kaspersky Executives Kaspersky closing down its UK office MAPP vendor list VirusTotal Transcript (AI-generated)…
T
Three Buddy Problem
1 Typhoons and Blizzards: Cyberespionage and national security on front burner 1:09:09
1:09:09 Play Later Play Later Lists Like Liked1:09:09
Play Later Play Later Lists Like LikedThree Buddy Problem - Episode 16 : We break down the new GCHQ advisory on the history and tactics of Russia’s APT29, the challenges of tracking and defending against these sophisticated espionage programs, the mysterious Salt Typhoon intrusions, the absence of technical indicators (IOCs), the risks of supply chain attacks. We also touch on the surge in zero-day discoveries, the nonstop flow of exploited Ivanti security bugs, and why the CSRB should investigate these network edge device and appliance vendors. Cast: Juan Andres Guerrero-Saade (SentinelLabs), Costin Raiu (Art of Noh) and Ryan Naraine (SecurityWeek). Links: NCSC exposé on SVR/APT29 history and tactics APT29 / Midnight Blizzard VIDEO: A Surprise Encounter With A Telco APT The Athens Affair - IEEE Spectrum — How some extremely smart hackers pulled off the most audacious cell-network break-in ever Wikipedia: The Athens Affair WSJ report on Salt Typhoon hacks In-the-wild zero-day counter Microsoft Confirms Exploited Zero-Day in Windows Management Console…
T
Three Buddy Problem
1 Careto returns, IDA Pro pricing controversy, crypto's North Korea problem 1:30:38
1:30:38 Play Later Play Later Lists Like Liked1:30:38
Play Later Play Later Lists Like LikedThree Buddy Problem - Episode 15 : Juanito checks in from Virus Bulletin with news on the return of Careto/Mask, a ‘milk-carton’ APT linked to Spain. We also cover the latest controversy surrounding IDA Pro's subscription model, a major new YARA update, and ongoing issues with VirusTotal's value and pricing. The conversation shifts to North Korean cyber operations, particularly the infiltration of prominent crypto companies, Tom Rid's essay on Russian disinformation results, and the US government's ICE department using commercial spyware from an Israeli vendor. Cast: Juan Andres Guerrero-Saade (SentinelLabs), Costin Raiu (Art of Noh) and Ryan Naraine (SecurityWeek). Links: Transcript (unedited, AI-generated) VB abstract: The Mask has been unmasked again Discover IDA 9.0 Binary Ninja Vertex Synapse YARA-X Microsoft on Star Blizzard disruption Tom Rid: The lies Russia tells itself North Korea caught targeting German missile manufacturer How North Korea infiltrated the crypto industry ICE signs $2M contract with spyware maker Paragon…
T
Three Buddy Problem
1 Exploding beepers, critical CUPS flaws, Windows Recall rebuilt for security 1:19:07
1:19:07 Play Later Play Later Lists Like Liked1:19:07
Play Later Play Later Lists Like LikedThree Buddy Problem - Episode 14 : The buddies are back together for a discussion on Juan’s LABScon keynote and mental health realities, Microsoft rewriting the Windows Recall security architecture, a new CVSS 9.9 Linux CUPS flaw, Kaspersky's controversial transition to Ultra AV, and the intelligence operations surrounding exploding pagers in Lebanon. ( This episode is dedicated to the memory of Jeff Wade from Solis, who was an important part of the LABScon family. ) Cast: Juan Andres Guerrero-Saade (SentinelLabs), Costin Raiu (Art of Noh) and Ryan Naraine (SecurityWeek). Links: The Consolation of Threat Intel (JAG-S LABScon keynote) LABScon - Security Research in Real Time Windows Recall gets major security makeover David Weston on Windows Recall security reboot Critical Linux CUPS remote code execution How Israel Built Exploding Pagers — How Israel Built a Modern-Day Trojan Horse: Exploding Pagers Apple Suddenly Drops NSO Group Spyware Lawsuit CrowdStrike Overhauls Testing and Rollout Procedures Microsoft Redesigning EDR Vendor Access to Windows Kernel - SecurityWeek Kaspersky Sparks Outrage as UltraAV Takes Over Systems Without Consent Transcript (unedited, AI-generated)…
T
Three Buddy Problem
1 Ep13: The Consolation of Threat Intel (JAG-S LABScon keynote) 31:41
31:41 Play Later Play Later Lists Like Liked31:41
Play Later Play Later Lists Like LikedThree Buddy Problem - Episode 13 : This is a special edition of the show, featuring Juan Andres Guerrero-Saade's full keynote day remarks at LABScon2024. In this talk, Juanito addresses the current state of the threat intelligence industry, expressing a need for a difficult conversation about its direction and purpose. He discusses feelings of disenfranchisement among professionals, the void in meaningful work, and the importance of reclaiming control and value in cybersecurity. Juan emphasizes the need for researchers, journalists, and even VCs, to be the change to reinvigorate the industry and ensure its relevance and impact. Cast: Juan Andres Guerrero-Saade (SentinelLabs). Costin Raiu and Ryan Naraine are listening to this episode. Links: LABScon 2024 J. A. Guerrero-Saade on Twitter…
T
Three Buddy Problem
1 Ep12: Security use-cases for AI chain-of-thought reasoning 1:14:20
1:14:20 Play Later Play Later Lists Like Liked1:14:20
Play Later Play Later Lists Like LikedThree Buddy Problem - Episode 12 : Gabriel Bernadett-Shapiro joins the show for an extended conversation on artificial intelligence and cybersecurity. We discuss the hype around OpenAI's new o1 model, AI chain-of-thought reasoning and security use-cases, pervasive chatbots and privacy concerns, and the ongoing debate between open source and closed source AI models. Cast: Gabriel Bernadett-Shapiro , Juan Andres Guerrero-Saade (SentinelLabs), Ryan Naraine (SecurityWeek). Costin Raiu is on vacation. Links: Transcript Gabe Bernadett-Shapiro at the Alperovitch Institute Introducing OpenAI o1 OpenAI's o1 model 'cheated' on an impossible test OpenAI o1 System Card Learning to Reason with LLMs LABScon 2024 Full Agenda…
T
Three Buddy Problem
1 Ep11: Cyberwarfare takes an ominous turn 1:15:13
1:15:13 Play Later Play Later Lists Like Liked1:15:13
Play Later Play Later Lists Like LikedThree Buddy Problem - Episode 11 : Russia's notorious GRU Unit 29155 (previously tied to assassinations, poisonings and coup attempts) now blamed for destructive cyberattacks for sabotage; FBI and DOJ take down 'Doppelganger' network spreading Russian propaganda; CISA's budget, staff, advisories and YARA rules; Influence Operations 2.0; prolific Chinese hackers and global bug-disclosure implications; North Korean hacking capabilities and 0day expertise. Cast: Juan Andres Guerrero-Saade (SentinelLabs), Costin Raiu (Art of Noh), Ryan Naraine (SecurityWeek) Links: Transcript (unedited) CISA advisory on GRU Unit 29155 — Russian Military Cyber Actors Target US and Global Critical Infrastructure Russian Military Unit Tied to Assassinations Caught Doing Cyber Sabotage Doppelganger takedown U.S. says Russian bots, RT operatives interfere in elections Outsized Impact of a Few Chinese Hackers Korean zero-day discovery North Korea caught exploiting Chromium zero-day #LABScon24 Agenda…
Welcome to Player FM!
Player FM is scanning the web for high-quality podcasts for you to enjoy right now. It's the best podcast app and works on Android, iPhone, and the web. Signup to sync subscriptions across devices.
Daily Deals
Daily Deals
Similar to Three Buddy Problem
Welcome to the Security Weekly Podcast Network, your all-in-one source for the latest in cybersecurity! This feed features a diverse lineup of shows, including Application Security Weekly, Business Security Weekly, Paul's Security Weekly, Enterprise Security Weekly, and Security Weekly News. Whether you're a cybersecurity professional, business leader, or tech enthusiast, we cover all angles of the cybersecurity landscape. Tune in for in-depth panel discussions, expert guest interviews, and ...
…
continue reading
This is the audio podcast version of Troy Hunt's weekly update video published here: https://www.troyhunt.com/tag/weekly-update/
…
continue reading
Android Backstage, a podcast by and for Android developers. Hosted by developers from the Android engineering team, this show covers topics of interest to Android programmers, with in-depth discussions and interviews with engineers on the Android team at Google. Subscribe to Android Developers YouTube → https://goo.gle/AndroidDevs
…
continue reading
1
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
Jerry Bell and Andrew Kalat
5k200
Defensive Security is a weekly information security podcast which reviews recent high profile cyber security breaches, data breaches, malware infections and intrusions to identify lessons that we can learn and apply to the organizations we protect.
…
continue reading
On The Bike Shed, hosts Joël Quenneville and Stephanie Minn discuss development experiences and challenges at thoughtbot with Ruby, Rails, JavaScript, and whatever else is drawing their attention, admiration, or ire this week.
…
continue reading
Download This Show is your weekly guide to the world of media, culture, and technology. From social media to gadgets, streaming services to privacy issues. Each week Rae Johnston and guests take a fun, deep dive into how technology is reshaping our lives.
…
continue reading
Africa-focused technology, digital and innovation ecosystem insight and commentary.
…
continue reading
1
Syntax - Tasty Web Development Treats
Wes Bos & Scott Tolinski - Full Stack JavaScript Web Developers
4k922
Full Stack Developers Wes Bos and Scott Tolinski dive deep into web development topics, explaining how they work and talking about their own experiences. They cover from JavaScript frameworks like React, to the latest advancements in CSS to simplifying web tooling.
…
continue reading
Hanselminutes is Fresh Air for Developers. A weekly commute-time podcast that promotes fresh technology and fresh voices. Talk and Tech for Developers, Life-long Learners, and Technologists.
…
continue reading
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
Player FM - Podcast App
Go offline with the Player FM app!
Go offline with the Player FM app!
