The dark hole of 'friendlies' and Western APTs

2:11:19 May 30, 2025
About this episode
Three Buddy Problem - Episode 48: We unpack a Dutch intelligence agencies' report on ‘Laundry Bear’ and Microsoft’s parallel ‘Void Blizzard’ write-up, finding major gaps and bemoaning the absence of IOCs. We also discuss why threat-intel naming is so messy, how initial-access brokers are powering even nation-state break-ins, and whether customers (or vendors) are to blame for the confusion.

Plus, thoughts on an academic paper on the vanishing art of Western companies exposing Western (friendly) APT operations, a debate over whether stealth or self-censorship is to blame, and the long-tail effects on cyber paleontology. We also dig into Sean Heelan’s proof that OpenAI’s new reasoning model can spot a Linux kernel 0-day and the implications for humans in the bug-hunting chain.

Cast: Juan Andres Guerrero-Saade, Ryan Naraine and Costin Raiu.

Links:
Transcript (unedited, AI-generated)
Dutch intelligence agency outs 'Laundry Bear' Russian APT
Russian gov hackers buying passwords from cybercriminals
Microsoft: Russian actor Void Blizzard targets critical sectors for espionage
Censys data on AyySSHush ASUS router botnet
Czech Republic statement on Chinese hack
Czech gov condemns Chinese hack on critical infrastructure