Three Buddy Problem - Episode 52: Fresh intelligence reports out of Europe and China: France’s ANSSI documents a string of Ivanti VPN zero-days ('Houken'), and Quanxin frames a stealth Microsoft Exchange-zero-day chain linked to a North American 'Night Eagle' threat actor. We dissect the technical bread-crumbs, questions the attribution math, and connects Houken to SentinelOne’s “Purple Haze” research.
Plus, the FBI’s claim that China’s “Salt Typhoon” has been “contained,” Iran’s Nobitex crypto-exchange breach (Predatory Sparrow torches $90 million and leaks the source code), Iranian cyber capabilities and sanctions avoidance.
Cast: Juan Andres Guerrero-Saade, Ryan Naraine and Costin Raiu.
Links:
- Transcript (unedited, AI-generated)
- Houken: Seeking a path by living on the edge with zero-days
- China-nexus APTs recon on top-tier targets
- French cybersecurity agency confirms government affected by Ivanti hacks
- Top FBI cyber official: Salt Typhoon ‘largely contained’
- Operation Blockbuster (Novetta)
- Israel-Iran cyberwar: Predatory Sparrow, vanishing crypto, bank hacks
- Inside the Nobitex Breach: What the Leaked Source Code Reveals About Iran’s Crypto Infrastructure
- cisagov/thorium
Fler avsnitt av Three Buddy Problem
Visa alla avsnitt av Three Buddy ProblemThree Buddy Problem med Security Conversations finns tillgänglig på flera plattformar. Informationen på denna sida kommer från offentliga podd-flöden.