US Treasury hacked via BeyondTrust, MISP and the threat actor naming mess

Three Buddy Problem - Episode 28: In this episode, we explore the ongoing challenges of threat actor naming in cybersecurity and the confusion caused by a lack of standardization, methodological inconsistencies and skewed, marketing-driven incentives. Plus, the US Treasury/BeyondTrust hack, the surge in 0day discoveries, a new variant of the Xdr33 CIA Hive malware, and exclusive new information on the Cyberhaven Chrome extension security incident.

Cast: Juan Andres Guerrero-Saade, Costin Raiu and Ryan Naraine.

Links:
Transcript (unedited, AI-generated)
BeyondTrust statement on hack investigation
U.S. Treasury says it was hacked by China-backed actors
Another Palo Alto 0day exploited in the wild
US telcos say they've evicted Salt Typhoon Chinese hackers
Google: What is BeyondCorp?
Introducing the MISP Threat Actor Naming Standard
MISP: Recommendations on Naming Threat Actors
New variant of the CIA HIVE attack kit
Xdr33 Variant Of CIA's HIVE Attack Kit Emerges
Savvy Seahorse connection to Cyberhaven incident
US sanctions China's Integrity Technology over Flax Typhoon hacks
Operation Aurora
APT1 Exposing One of China’s Cyber Espionage Units

About the Podcast

The Three Buddy Problem is a popular Security Conversations podcast that goes beyond industry talking points to discuss what others won’t -- nation-state malware, attribution, cyberwar, ethics, privacy, and the messy realities of securing computers and corporate networks. Hosted by three veteran security pros -- journalist Ryan Naraine and malware paleontologists Costin Raiu and Juan Andres Guerrero-Saade -- the weekly show attracts a highly engaged audience of security researchers, corporate defenders, CISOs, and policymakers. Connect with Ryan on Twitter (Open DMs).