Security Conversations
Three Buddy Problem
The Three Buddy Problem is a popular Security Conversations podcast that goes beyond industry talking points to discuss what others won’t -- nation-state malware, attribution, cyberwar, ethics, privacy, and the messy realities of securing computers and corporate networks. Hosted by three veteran security pros -- journalist Ryan Naraine and malware paleontologists Costin Raiu and Juan Andres Guerrero-Saade -- the weekly show attracts a highly engaged audience of security researchers, corporate defenders, CISOs, and policymakers. Connect with Ryan on Twitter (Open DMs).
Author
Security Conversations
Category
Podcast website
Latest episode
Jul 4, 2026
Where to listen?
Podcasts in the app Replaio Radio Coming soonPodcasts are coming to the app soon. Install now and be the first to see a whole new take on podcasts
Episodes
A half-dozen Microsoft zero-days, Juniper router backdoors, advanced bootkit hunting 14.03.2025 2:05:43
Three Buddy Problem - Episode 38 : On the show this week, we look at a hefty batch of Microsoft zero-days exploited in the wild, iOS 18.3.2 fixing an exploited WebKit bug, a mysterious Unpatched.ai being credited with Microsoft Access RCE flaws, and OpenAI lobbying for the US to ban China's DeepSeek. Plus, discussion on a Binarly technical paper with new approach to finding UEFI bootkits, Mandiant...
Revisiting the Lamberts, i-Soon indictments, VMware zero-days 08.03.2025 1:39:32
Three Buddy Problem - Episode 37 : This week, we revisit the public reporting on a US/Russia cyber stand down order, CISA declaring no change to its position on tracking Russian threats, and the high-level diplomatic optics at play. Plus, a dissection of ‘The Lamberts’ APT and connections to US intelligence agencies, attribution around ‘Operation Triangulation’ and the lack of recent visibility in...
Lazarus ByBit $1.4B heist was supply chain attack on developer 01.03.2025 1:53:22
Three Buddy Problem - Episode 36 : Ryan and Juanito join the show from the RE//verse conference with discussion on Natalie Silvanovic’s keynote on hunting for bugs in mobile messengers, the thrill of looking at exposed attack surfaces and the grueling “losses” bug hunters endure before a breakthrough. We also cover the latest on the $1.4 billion ByBit hack pinned on the Lazarus Group and the malic...
North Korea's biggest ever crypto heist: $1.4B stolen from Bybit 23.02.2025 2:07:07
Three Buddy Problem - Episode 35 : Juanito is live from DistrictCon with notes on discussion of an elusive iOS zero-day by a company called QuaDream and Apple’s controversial removal of iCloud backup end-to-end encryption in the UK. We also cover a staggering $1.4 billion hack by the Lazarus Group against Bybit, new angles in NSA-linked cyber-espionage against China’s top universities, Chinese hac...
An 'extremely sophisticated' iPhone hack; Google flags major AMD microcode bug 15.02.2025 1:25:12
Three Buddy Problem - Episode 34 : We dig into the latest exploited Apple iPhone zero-day (USB Restricted Mode bypass), an AMD microcode flaw so serious it’s not being fully disclosed, a barrage of Patch Tuesday updates, the helpless nature of trying to defend corporate networks, Russian threat actor movements, and fresh intel from Rapid7, Volexity, and Microsoft. Cast: Juan Andres Guerrero-Saade...
Unpacking the UK government's secret iCloud backdoor demand 08.02.2025 2:22:42
Three Buddy Problem - Episode 33 : In this episode, we unpack the UK government's secret push for backdoor access to encrypted iCloud data, Apple’s approach to iCloud encryption, and the broader implications for privacy and security on a global scale. Plus, how security agencies handle zero-day vulnerabilities, surveillance spyware and mercenary hacking, and TikTok-powered election disinformation...
Inside the DeepSeek AI existential crisis, Chinese 'backdoor' in medical devices 31.01.2025 2:19:44
Three Buddy Problem - Episode 32 : In this episode, we rummage through the DeepSeek hype and break down what makes it different from OpenAI’s models, why it’s stirring up existential controversies, and what it means for the broader tech landscape. We get into the privacy concerns, the geo-political implications, how AI models handle data, the ongoing debate over IP theft and innovation, and the ch...
Death of the CSRB, zero-days storms at the edge, Juniper router backdoors 24.01.2025 1:48:59
Three Buddy Problem - Episode 31 : Dennis Fisher steps in for Ryan Naraine to moderate discussion on a very busy week in cybersecurity. The cast dig into the wave of big research reports, the disbanding of the Cyber Safety Review Board (CSRB), the ongoing flood of exploits targeting security appliances from Ivanti and SonicWall, and the recent Lumen research on Juniper router backdoors. Plus, the...
Inside the PlugX malware removal operation, CISA takes victory lap and another Fortinet 0day 17.01.2025 1:59:52
Three Buddy Problem - Episode 30 : We discuss French threat-intel Sekoia creating a portal to handle “sovereign disinfections” of the PlugX malware, CISA leadership taking a victory lap using the ‘Secure by Design’ pledge as a trophy, the new Biden cybersecurity Executive Order, another Fortinet zero-day, the TikTok ban and Ukrainian hackers targeting Russian companies. Cast: Juan Andres Guerrero-...
Hijacking .gov backdoors, Ivanti 0days and a Samsung 0-click vuln 10.01.2025 1:48:21
Three Buddy Problem - Episode 29 : Another day, another Ivanti zero-day being exploited in the wild. Plus, China's strange response to Volt Typhoon attribution, Japan blames China for hacks, a Samsung 0-click vulnerability found by Project Zero, Kim Zetter's reporting on drone sightings and a nuclear scare. Plus, hijacking abandoned .gov backdoors and Ukrainian hacktivists wiping a major Russian I...
US Treasury hacked via BeyondTrust, MISP and the threat actor naming mess 03.01.2025 1:49:16
Three Buddy Problem - Episode 28 : In this episode, we explore the ongoing challenges of threat actor naming in cybersecurity and the confusion caused by a lack of standardization, methodological inconsistencies and skewed, marketing-driven incentives. Plus, the US Treasury/BeyondTrust hack, the surge in 0day discoveries, a new variant of the Xdr33 CIA Hive malware, and exclusive new information o...
Palo Alto network edge device backdoor, Cyberhaven browser extension hack, 2024 research highlights 27.12.2024 1:53:11
Three Buddy Problem - Episode 27 : We discuss the discovery of a Palo Alto network firewall attack and a stealthy network ed ge device backdoor (LITTLELAMB.WOOLTEA), the Cyberhaven hack and the shady world of browser extensions, and a look back at the top research projects that caught our attention in 2025. Cast: Juan Andres Guerrero-Saade , Costin Raiu and Ryan Naraine .
US government's VPN advice, dropping bombs on ransomware gangs 23.12.2024 1:58:40
Three Buddy Problem - Episode 26 : We dive deep into the shadowy world of surveillance and cyber operations, unpacking Amnesty International's explosive report on NoviSpy, a previously unknown Android implant used against Serbian activists, and the links to Israeli forensics software vendor Cellebrite. Plus, thoughts on the US government’s controversial guidance on VPNs, Chinese reports on US inte...
Surveillance economics, Turla and Careto, and the AI screenshots nobody asked for 13.12.2024 2:14:07
Three Buddy Problem - Episode 25 : An update on Romania’s cancelled election, the implications of TikTok on democratic processes, and the broader issues around surveillance capitalism and micro-targeting. Plus, news on Turla piggybacking on cybercriminal malware to hit Ukraine, the return of Careto and the absence of IOCs, Claroty report on an Iran-linked cyberweapon targeting critical infrastruct...
Inside the Turla Playbook: Hijacking APTs and fourth-party espionage 07.12.2024 1:47:08
Three Buddy Problem - Episode 24 : In this episode, we did into Lumen/Microsoft’s revelations on Russia's Turla APT stealing from a Pakistani APT, and issues around fourth-party espionage and problems with threat actor attribution. We also discuss Citizen Lab’s findings on Monokle-like spyware implanted by Russian authorities, the slow pace of Salt Typhoon disinfection, the Solana web3.js supply c...
Volexity’s Steven Adair on Russian Wi-Fi hacks, memory forensics, appliance 0days and network inspectability 30.11.2024 1:18:33
Three Buddy Problem - Episode 23 : Volexity founder Steven Adair joins the show to explore the significance of memory analysis and the technical challenges associated with memory dumping and forensics. We dig into Volexity’s “nearest neighbor” Wi-Fi hack discovery, gaps in EDR detection and telemetry, and some real-talk on the Volt Typhoon intrusions. We also cover news on a Firefox zero-day explo...
Sid Trivedi on the RSA Innovation Sandbox $5 million investment gambit 28.11.2024 1:01:12
Episode sponsors: Binarly ( https://binarly.io ) Binary Risk Hunt ( https://risk.binarly.io ) In this reboot of the Security Conversations interview series, Foundation Capital partner Sid Trivedi weighs in on major changes to the RSA Innovation Sandbox, the mandatory $5M uncapped SAFE investment for all 10 finalists, and red-flag concerns around discounts and pro-rata rights. Also discussed: contr...
Russian APT weaponized nearby Wi-Fi networks in DC, new macOS zero-days, DOJ v Chrome 22.11.2024 1:28:22
Three Buddy Problem - Episode 22 : We discuss Volexity’s presentation on Russian APT operators hacking Wi-Fi networks in “nearest neighbor attacks,” the Chinese surveillance state and its impact on global security, the NSA's strange call for better data sharing on Salt Typhoon intrusions, and the failures of regulatory bodies to address cybersecurity risks. We also cover two new Apple zero-days be...
What happens to CISA now? Is deterrence in cyber possible? 15.11.2024 1:53:51
Three Buddy Problem - Episode 21 : We dig into an incredible government report on Iranian hacking group Emennet Pasargad and tradecraft during the Israel/Hamas war, why Predatory Sparrow could have been aimed at deterrence in cyber, and the FBI/CISA public confirmation of the mysterious Salt Typhoon hacks. Plus, discussion on hina’s cyber capabilities, the narrative around “pre-positioning” for a...
Mysterious rebooting iPhones, EDR vendors spying on hackers, Bitcoin 'meatspace' attacks 09.11.2024 1:37:00
Three Buddy Problem - Episode 20 : We revisit the ‘hack-back’ debate, the threshold for spying on adversaries, Palo Alto watching EDR bypass research to track threat actors, hot nuggets in Project Zero’s Clem Lecinge’s Hexacon talk, Apple’s new iOS update rebooting iPhones in law enforcement custody, the mysterious GoblinRAT backdoor, and physical ‘meatspace’ Bitcoin attacks and more details on No...
The Sophos kernel implant, 'hack-back' implications, CIA malware in Venezuela 03.11.2024 1:54:14
Three Buddy Problem - Episode 19 : We explore Ivan Kwiatkowski’s essay on the limits of threat intelligence, Sophos using kernel implants to surveil Chinese hackers, the concept of ‘hack-back’ and legal implications, geopolitical layers of cyber espionage, CIA malware in Venezuela, Vatican/Mossad mentioned in high-profile Italy hacks, and Canada bracing for .gov attacks from India. Cast: Juan Andr...
Fortinet 0days, Appin hack-for-hire exposé, crypto heists, Russians booted from Linux kernel 25.10.2024 1:26:44
Three Buddy Problem - Episode 18 : This week’s show covers the White House's new Traffic Light Protocol (TLP) guidance, Reuters expose of Appin as a hack-for-hire mercenary company, Fortinet zero-day exploitation and missing CSRB investigations, major cryptocurrency heists, Apple opening Private Cloud Compute to public inspection, Russians removed from Linux kernel maintenance and China’s Antiy be...
ESET Israel wiper malware, China's Volt Typhoon response, Kaspersky sanctions and isolation 18.10.2024 1:38:18
Three Buddy Problem - Episode 17 : News of a wiper malware attack in Israel implicating ESET, threats from wartime hacktivists, China's strange response to Volt Typhoon attribution and Section 702 messaging, an IE zero-day discovery and web browser rot in South Korea, the ongoing isolation of Kaspersky due to sanctions, and the geopolitical influences affecting cybersecurity reporting. Cast: Juan...
Typhoons and Blizzards: Cyberespionage and national security on front burner 11.10.2024 1:09:09
Three Buddy Problem - Episode 16 : We break down the new GCHQ advisory on the history and tactics of Russia’s APT29, the challenges of tracking and defending against these sophisticated espionage programs, the mysterious Salt Typhoon intrusions, the absence of technical indicators (IOCs), the risks of supply chain attacks. We also touch on the surge in zero-day discoveries, the nonstop flow of exp...
Careto returns, IDA Pro pricing controversy, crypto's North Korea problem 04.10.2024 1:30:38
Three Buddy Problem - Episode 15 : Juanito checks in from Virus Bulletin with news on the return of Careto/Mask, a ‘milk-carton’ APT linked to Spain. We also cover the latest controversy surrounding IDA Pro's subscription model, a major new YARA update, and ongoing issues with VirusTotal's value and pricing. The conversation shifts to North Korean cyber operations, particularly the infiltration of...
Similar podcasts
Replaio is not a podcast publisher; show names, artwork and audio belong to their authors and are distributed through public RSS feeds.