Security Conversations
Three Buddy Problem
The Three Buddy Problem is a popular Security Conversations podcast that goes beyond industry talking points to discuss what others won’t -- nation-state malware, attribution, cyberwar, ethics, privacy, and the messy realities of securing computers and corporate networks. Hosted by three veteran security pros -- journalist Ryan Naraine and malware paleontologists Costin Raiu and Juan Andres Guerrero-Saade -- the weekly show attracts a highly engaged audience of security researchers, corporate defenders, CISOs, and policymakers. Connect with Ryan on Twitter (Open DMs).
Author
Security Conversations
Category
Podcast website
Latest episode
Jul 4, 2026
Where to listen?
Podcasts in the app Replaio Radio Coming soonPodcasts are coming to the app soon. Install now and be the first to see a whole new take on podcasts
Episodes
War in Iran, Anthropic v Pentagon, Trenchant zero-day sanctions, AI stock market shocks 28.02.2026 2:08:22
( Presented by Thinkst Canary : Most Companies find out way too late that they’ve been breached. Thinkst Canary changes this. Deploy Canaries and Canarytokens in minutes and then forget about them. Attackers tip their hand by touching ’em giving you the one alert, when it matters. With zero admin overhead and almost no false-positives, Canaries are deployed (and loved) on all 7 continents. ) Three...
GitLab doxxes North Korea .gov hackers; fresh Ivanti zero-days; AI addiction and human purpose 20.02.2026 2:16:39
( Presented by TLPBLACK : High-fidelity threat intelligence and research tools for modern security teams. From curated Passive DNS and real-time C2 monitoring to actionable IOC feeds and daily malware samples, we help defenders detect, hunt, and disrupt threats faster, with seamless integration into SIEM and SOAR workflows. ) Three Buddy Problem - Episode 86 : We dig into GitLab’s explosive look a...
Palo Alto and the uncomfortable politics of APT attribution 13.02.2026 2:30:30
( Presented by Thinkst Canary : Most Companies find out way too late that they’ve been breached. Thinkst Canary changes this. Deploy Canaries and Canarytokens in minutes and then forget about them. Attackers tip their hand by touching ’em giving you the one alert, when it matters. With zero admin overhead and almost no false-positives, Canaries are deployed (and loved) on all 7 continents. ) Three...
From Epstein to Notepad++: Redactions, Zero-Days and Supply Chain Attacks 08.02.2026 2:17:38
( Presented by Thinkst Canary : Most Companies find out way too late that they’ve been breached. Thinkst Canary changes this. Deploy Canaries and Canarytokens in minutes and then forget about them. Attackers tip their hand by touching ’em giving you the one alert, when it matters. With zero admin overhead and almost no false-positives, Canaries are deployed (and loved) on all 7 continents. ) Three...
A destructive cyberattack in Poland raises NATO 'red-line' questions 30.01.2026 2:53:22
( Presented by Material Security : We protect your company’s most valuable materials -- the emails, files, and accounts that live in your Google Workspace and Microsoft 365 cloud offices. ) Three Buddy Problem - Episode 83 : Poland's CERT documents a rare, explicit wiper attack on civilians in a NATO country, including detailed attribution of a Russian government op targeting the electric grid in...
Cheap, AI-generated zero-days and the real meaning of ‘advanced’ malware 23.01.2026 2:09:06
( Presented by Material Security : We protect your company’s most valuable materials -- the emails, files, and accounts that live in your Google Workspace and Microsoft 365 cloud offices. ) Three Buddy Problem - Episode 82 : We parse news that China-linked VoidLink is a malware framework created entirely by AI and the collapsing line between elite APT operations and everyday threat actors. Plus, a...
Google Pixel 'zero-click' exploit caused by AI, mysterious Poland grid attacks, China bans US cybersecurity software 16.01.2026 2:24:36
( Presented by Material Security : We protect your company’s most valuable materials -- the emails, files, and accounts that live in your Google Workspace and Microsoft 365 cloud offices. ) Three Buddy Problem - Episode 81 : We dissect New York Times reporting on the "precision" of US cyber operations in Venezuela, the competing narratives around offensive cyber capabilities and "letters of marque...
Hamid Kashfi on the situation in Iran; Did cyber cause Venezuela blackouts? 09.01.2026 2:13:55
( Presented by Material Security : We protect your company’s most valuable materials -- the emails, files, and accounts that live in your Google Workspace and Microsoft 365 cloud offices. ) Three Buddy Problem - Episode 80 : Researcher Hamid Kashfi returns to unpack Iran’s latest unrest, separating economic reality from propaganda while examining how information control, cyber pressure, and state...
A special mailbag episode with book recommendations 02.01.2026 3:01:15
( Presented by Material Security : We protect your company’s most valuable materials -- the emails, files, and accounts that live in your Google Workspace and Microsoft 365 cloud offices. ) Three Buddy Problem - Episode 79 : We cover MongoBleed (CVE‑2025‑14847), exposed MongoDB deployments, and the sad realization that zero-day attacks are a normal, everyday occurrence. Plus, AI’s expanding role a...
Quiet Wins, Loud Failures: A Year-End Cybersecurity Reckoning 26.12.2025 3:19:04
( Presented by ThreatLocker : Allow what you need. Block everything else by default, including ransomware and rogue code. ) Three Buddy Problem - Episode 78 : We close out the year with a no-budget, no-permission awards show, spotlighting the cybersecurity stories that actually mattered. Plus, a bizarre polygraph scandal at CISA, Chinese APT research dumps, ransomware pre-notification hiccups, for...
What's behind US gov push to 'privatize' offensive cyber operations? 20.12.2025 2:01:57
( Presented by ThreatLocker : Allow what you need. Block everything else by default, including ransomware and rogue code. ) Three Buddy Problem - Episode 77 : New React2Shell data from Microsoft, fresh Apple and Cisco zero-days already in the wild, and state-linked campaigns from Russia and China that show a merging of espionage, crime, and infrastructure disruption. Plus, the US government's push...
Legal corruption, React2Shell exploitation, dual-use AI risks 11.12.2025 2:12:25
( Presented by ThreatLocker : Allow what you need. Block everything else by default, including ransomware and rogue code. ) Three Buddy Problem - Episode 76 : On the show this week, Costin walks through how a single Romanian documentary kick-started nationwide protests, exposing how corruption can be perfectly legal when the law itself is gamed, and why this moment feels different, darker, and mor...
APTs pounce on React2Shell; BRICKSTORM backdoors; .gov surveillance 06.12.2025 1:41:44
( Presented by ThreatLocker : Allow what you need. Block everything else by default, including ransomware and rogue code. ) Three Buddy Problem - Episode 75 : We dig into a CVSS 10/10 unauthenticated RCE bug causing chaos across the internet and early signs that Chinese APTs are already launching exploits, the cascading patch chaos, and a long tail of malware intrusions to come. Plus, commentary o...
Shai-Hulud 2.0, Russia GRU Intrusions, and Microsoft’s Regulatory Capture 29.11.2025 1:57:12
( Presented by Material Security : We protect your company’s most valuable materials -- the emails, files, and accounts that live in your Google Workspace and Microsoft 365 cloud offices. ) Three Buddy Problem - Episode 74 : We attempt to parse the rumor-fog around Microsoft’s CISO at CYBERWARCON and what it reveals about the company’s shifting posture on intel sharing, regulation, and its outsize...
Gemini 3 reactions, Fortinet/Chrome zero-days, a Cloudflare monoculture and a billion-dollar crypto twist 21.11.2025 2:19:41
( Presented by Material Security : We protect your company’s most valuable materials -- the emails, files, and accounts that live in your Google Workspace and Microsoft 365 cloud offices. ) Three Buddy Problem - Episode 73 : The buddies react to Google’s release of Gemini 3 and its early performance, new Chrome interface changes landing on users’ machines, and major highlights from CYBERWARCON. We...
Anthropic Claude Code automating APT hacks, KnownSec leak, Chinese buses with remote access 14.11.2025 2:12:38
Presented by Material Security : We protect your company’s most valuable materials -- the emails, files, and accounts that live in your Google Workspace and Microsoft 365 cloud offices. Three Buddy Problem - Episode 72 : We unpack Anthropic’s conflicting self-promotion around the “first AI-orchestrated cyberattack” using Claude Code and the future of automated APT attacks. Plus, Chinese cyber vend...
LIVE from Ring0 COUNTERMEASURE: Google v FFmpeg, Ransomware Turncoats, Samsung 0days 10.11.2025 1:09:59
Presented by Material Security : We protect your company’s most valuable materials -- the emails, files, and accounts that live in your Google Workspace and Microsoft 365 cloud offices. Three Buddy Problem - Episode 71 : The buddies travel to Canada for a live recording at the Countermeasure conference, discussing the Google v FFmpeg open-source patching brouhana, ransomware negotiators charged an...
OpenAI’s Dave Aitel talks Aardvark, economics of bug-hunting with LLMs 31.10.2025 2:10:48
Three Buddy Problem - Episode 70 : Dave Aitel from OpenAI's technical staff joins the buddies to discuss the just-launched Aardvark, OpenAI’s agentic “security researcher” that claims to read code, finds bugs, validates exploits, and ships patches. We press him on where LLMs beat fuzzers, privacy boundaries, human-in-the-loop realities, SDLC budgets, pen-test cadence, and the zero-day economy. Plu...
Apple’s iOS forensics freeze, WhatsApp zero-click, China outs NSA 24.10.2025 2:11:23
Three Buddy Problem - Episode 69 : We dig into news that Apple's iOS 26 has quietly killed the shutdown.log forensic artifact used to spot signs of infections and what it means for threat hunters. Plus, whispers of a million-dollar WhatsApp zero-click exploit that never materialized at Pwn2Own, a surreal court case linking a Trenchant exploit developer to Russian buyers, and Chinese threat intel r...
JAGS LABScon 2025 keynote: Steps to an ecology of cyber 18.10.2025 31:00
Three Buddy Problem (Episode 68): The buddies are trapped in timezone hell with cross-country travel this week. In this special episode, we present Juan Andres Guerrero-Saade's LABScon 2025 keynote-day presentation on the state of cybersecurity and why this phase of our collective project has failed, and how to build something smarter, more sustainable, and deeply interconnected in its place. Juan...
Apple Exploit-Chain Bounties, Wireless Proximity Exploits and Tactical Suitcases 11.10.2025 2:23:02
Three Buddy Problem - Episode 67 : We discuss the rise of automated red-teaming, Apple’s $2 million exploit chain bounties aimed at outbidding spyware brokers and the iPhone maker's focus on wireless proximity attacks and “tactical suitcase” Wi-Fi exploits. We also hit the news of Paragon spyware targeting European executives and the bizarre story of NSO Group’s supposed US investor buyout. Plus,...
Chris Eng on lessons learned from the NSA, @Stake, Veracode, and 20 years in cybersecurity 07.10.2025 44:54
This week on Security Conversations , Ryan sits down with Chris Eng, former Chief Research Officer at Veracode, to talk about life after nearly two decades at one company and the lessons learned along the way. They dig into a career start at the NSA, the early days of @Stake and the Symantec acquisition, and the birth and ambitions of Veracode. Plus, thoughts on how helping startups shape product...
Oracle cl0p ransomware crisis, EU drone sightings, Cisco bootkit fallout 03.10.2025 2:03:28
Three Buddy Problem - Episode 66 : We discuss drone sightings that shut down airports across Europe and what they reveal about hybrid warfare and the changing nature of conflict; Oracle ransomware/extortion campaign tied to unpatched E-Business Suite vulnerabilities and the company’s muted response. Plus, the TikTok–Oracle deal and the strange role Oracle now plays in U.S. national security; OpenA...
Cisco firewall zero-days and bootkits in the wild 27.09.2025 1:54:49
Three Buddy Problem - Episode 65 : We zero in on one of the biggest security stories of the year: the discovery of a persistent multi-stage bootkit implanting malware on Cisco ASA firewalls. Details on a new campaign, tied to the same threat actors behind ArcaneDoor, exploiting zero-days in Cisco’s 5500-X series appliances, devices that sit at the heart of government and enterprise networks worldw...
Live at LABScon: Aurora Johnson and Trevor Hilligoss on China's 'internet toilets' 24.09.2025 22:13
Three Buddy Problem - Episode 64: SpyCloud Labs researchers Aurora Johnson and Trevor Hilligoss discuss the world of “internet toilets," the toxic online communities in China where harassment, stalking, and sextortion thrive. We explore how these groups operate, from doxing ex-lovers and enemies to running coordinated campaigns of cyberbullying that often spill into real-world harm. (Recorded at L...
Similar podcasts
Replaio is not a podcast publisher; show names, artwork and audio belong to their authors and are distributed through public RSS feeds.