Fortinet 0days, Appin hack-for-hire exposé, crypto heists, Russians booted from Linux kernel

Three Buddy Problem - Episode 18: This week’s show covers the White House's new Traffic Light Protocol (TLP) guidance, Reuters expose of Appin as a hack-for-hire mercenary company, Fortinet zero-day exploitation and missing CSRB investigations, major cryptocurrency heists, Apple opening Private Cloud Compute to public inspection, Russians removed from Linux kernel maintenance and China’s Antiy beefing with Sentinel One over APT reporting. Cast: Juan Andres Guerrero-Saade (SentinelLabs), Costin Raiu (Art of Noh) and Ryan Naraine (SecurityWeek).Links:Transcript (AI-generated)White House TLP guidanceApplin -- How an Indian startup hacked the worldBurning Zero Days: FortiJump FortiManager FlawMandiant on FortiManager Zero-Day ExploitationFortinet bulletin on new 0day exploitationRadiant Capital $50M cryptocurrency theftDPRK's Lazarus steals cryptocurrency with decoy MOBA gameApple opens Private Cloud Compute to security inspectionRussians booted from Linux kernel driver maintenanceAntiy paper responding to SentinelOne

Om Podcasten

The Three Buddy Problem is a popular Security Conversations podcast that goes beyond industry talking points to discuss what others won’t -- nation-state malware, attribution, cyberwar, ethics, privacy, and the messy realities of securing computers and corporate networks. Hosted by three veteran security pros -- journalist Ryan Naraine and malware paleontologists Costin Raiu and Juan Andres Guerrero-Saade -- the weekly show attracts a highly engaged audience of security researchers, corporate defenders, CISOs, and policymakers. Connect with Ryan on Twitter (Open DMs).