About this episode
(Presented by Material Security: We protect your company’s most valuable materials -- the emails, files, and accounts that live in your Google Workspace and Microsoft 365 cloud offices.)
Three Buddy Problem - Episode 82: We parse news that China-linked VoidLink is a malware framework created entirely by AI and the collapsing line between elite APT operations and everyday threat actors.
Plus, a new Sean Heelan essay on low-cost exploit generation and why “AI guardrails” are mostly a comforting myth; AI slop overwhelming bug bounty programs; CISA's new Brickstorm YARA rules; and fresh research on a wiper-malware found in Russian attacks against Poland's electricity sector.
Cast: Juan Andres Guerrero-Saade, Ryan Naraine and Costin Raiu.Links:Transcript (unedited, AI-generated)Material Security (use cases)Sean Heelan on the coming industrialisation of exploit generation with LLMsVoidLink Shows AI-Generated Malware Has BegunLLMs in the SOC: Why Benchmarks Fail Security Operations TeamsCISA advisory on BRICKSTORM backdoorNode.js — New HackerOne Signal Requirement AI slop security reports submitted to cURL
