US government's VPN advice, dropping bombs on ransomware gangs

Three Buddy Problem - Episode 26: We dive deep into the shadowy world of surveillance and cyber operations, unpacking Amnesty International's explosive report on NoviSpy, a previously unknown Android implant used against Serbian activists, and the links to Israeli forensics software vendor Cellebrite. Plus, thoughts on the US government’s controversial guidance on VPNs, Chinese reports on US intel agency hacking, TP-Link sanctions chatter, Mossad's dramatic exploding beeper operation and the ethical, legal, and security implications of escalating cyber-deterrence. Also, a mysterious BeyondTrust 0-day! Cast: Juan Andres Guerrero-Saade, Costin Raiu and Ryan Naraine.Links:Transcript (unedited, AI-generated)Surveillance and the suppression of civil society in SerbiaCISA: VPN and mobile device security guidanceCostin Raiu: Staying safe from Pegasus, Chrysaor and other APT mobile malware (2024 update)Bitsight: The Aftermath of the Kaspersky BanUS Probes China-Founded Router Maker TP-LinkRob Joyce: Move away from TP-LinkChina report on US intelligence corporate hackingForeign hackers need to face real consequencesIsrael's Mossad spent years orchestrating Hezbollah pager plotBeyondTrust 0daySophos Firewall CVSS 9.8 bulletin

Om Podcasten

The Three Buddy Problem is a popular Security Conversations podcast that goes beyond industry talking points to discuss what others won’t -- nation-state malware, attribution, cyberwar, ethics, privacy, and the messy realities of securing computers and corporate networks. Hosted by three veteran security pros -- journalist Ryan Naraine and malware paleontologists Costin Raiu and Juan Andres Guerrero-Saade -- the weekly show attracts a highly engaged audience of security researchers, corporate defenders, CISOs, and policymakers. Connect with Ryan on Twitter (Open DMs).