Three Buddy Problem

LLMs writing exploits, engineers losing skills, and a case for the generative OS


Listen Later

(Presented by TLPBLACK: High-fidelity threat intelligence and research tools for modern security teams. From curated Passive DNS and real-time C2 monitoring to actionable IOC feeds and daily malware samples, we help defenders detect, hunt, and disrupt threats faster, with seamless integration into SIEM and SOAR workflows.)

Three Buddy Problem - Episode 92: Costin walks through real-world ransomware incident response while Juanito makes the case for AI-generated operating systems that never run anyone else's code. Plus, debates on whether vulnerability research is cooked, why nobody should pay ransoms, and what the security industry looks like after the massive AI flood.

Cast: Juan Andres Guerrero-Saade, Ryan Naraine and Costin Raiu.

0:00 – Introductory banter

2:00 – Costin's ransomware incident response work
3:30 – How attackers break in: Fortinet vulnerabilities everywhere
6:30 – Hunting for ransomware decryption keys
9:00 – Breaking into ransomware C2s and monitoring leak sites
12:00 – The ransom payment debate: should you ever pay?
16:00 – Why "don't pay the ransom" is overgeneralized
21:00 – How ransomware gangs price their demands
24:00 – The AI-pilling of the security industry
28:30 – Nicholas Carlini, Ptacek, and "vulnerability research is cooked"
35:00 – Towards a generative-first operating system
41:00 – Code factories, trusted computing, and killing dependencies
48:00 – Microsoft and Apple's AI positioning
56:00 – Chris St. Myers' "Cognitive Rust Belt" essay
1:18:00 – Choice, The Matrix, and the illusion of control
1:38:00 – Supply chain attacks, North Korea, and dependency sprawl

Links:

  • Transcript
  • Nicholas Carlini - Black-hat LLMs
  • Ptacek: Vulnerability Research Is Cooked
  • Chris St Myers: Why Organizations Are Confusing Temporary Friction with Permanent Safety
  • Dan Geer: Children of the Magenta
  • Calif: Month of AI-Discovered Bugs
  • Claude Wrote a Full FreeBSD Remote Kernel RCE with Root Shell
  • Internet Bug Bounty Pauses Bug Bounty Program
  • Node.js Bug Bounty Program Paused Due to Loss of Funding
  • Elastic: How we caught the Axios supply chain attack
  • Elastic tool: supply-chain-monitor
  • Apple Will Push Out Rare ‘Backported’ Patches to iOS 18 Users
  • WhatsApp Alerts 200 Users After Fake iOS App Installed Spyware
  • The Human-Machine Team
  • Arsenal Recon Tool
  • TLPBLACK
  • ...more
    View all episodesView all episodes
    Download on the App Store

    Three Buddy ProblemBy Security Conversations

    • 4.9
    • 4.9
    • 4.9
    • 4.9
    • 4.9

    4.9

    61 ratings


    More shows like Three Buddy Problem

    View all
    Hacked by Hacked

    Hacked

    188 Listeners

    Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec by Jerry Bell and Andrew Kalat

    Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec

    369 Listeners

    Risky Business by Risky Business Media

    Risky Business

    376 Listeners

    SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast) by Johannes B. Ullrich

    SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

    648 Listeners

    CyberWire Daily by N2K Networks

    CyberWire Daily

    1,030 Listeners

    Smashing Security by Graham Cluley

    Smashing Security

    316 Listeners

    Click Here by Recorded Future News

    Click Here

    421 Listeners

    Darknet Diaries by Jack Rhysider

    Darknet Diaries

    8,059 Listeners

    Cybersecurity Today by Jim Love

    Cybersecurity Today

    178 Listeners

    Hacking Humans by N2K Networks

    Hacking Humans

    313 Listeners

    CISO Series Podcast by David Spark, Mike Johnson, and Andy Ellis

    CISO Series Podcast

    192 Listeners

    Defense in Depth by CISO Series

    Defense in Depth

    73 Listeners

    Cybersecurity Headlines by CISO Series

    Cybersecurity Headlines

    136 Listeners

    Risky Bulletin by Risky Business Media

    Risky Bulletin

    45 Listeners

    The 404 Media Podcast by 404 Media

    The 404 Media Podcast

    392 Listeners