About this episode
Three Buddy Problem - Episode 56: China-focused researcher Dakota Cary joins the buddies to dig into China’s sprawling cyber ecosystem, from the HAFNIUM indictments and MSS tasking pipelines to the murky world of APT contractors and the ransomware hustle. We break down China’s “entrepreneurial” model of intelligence collection, why public visibility into these threat actors is so hard to get right, and how companies like Microsoft get caught in the geopolitical crossfire.
Plus: a deep dive on suspected MAPP leaks and Sharepoint zero-days, Singapore targeted by extremely sophisticated China-nexus hacking group, soft censorship in corporate threat-intel, and whether the U.S. should rethink how it fills its intelligence gaps.
Cast: Dakota Cary, Juan Andres Guerrero-Saade, Ryan Naraine and Costin Raiu.Links:Transcript (unedited, AI-generated)Dakota Cary on LinkedInChina’s Covert Capabilities -- Silk Spun From HafniumHAFNIUM-Linked Hacker Xu Zewei: Riding the Tides of China’s Cyber EcosystemMicrosoft Probing Whether Chinese Hackers Found Flaw Via MAPP Cybersecurity Law of the People’s Republic of ChinaFrozen in transit: Secret Blizzard’s AiTM campaign against diplomatsFire Ant: Hypervisor-Level Espionage Targeting VM
