Three Buddy Problem - Episode 20: We revisit the ‘hack-back’ debate, the threshold for spying on adversaries, Palo Alto watching EDR bypass research to track threat actors, hot nuggets in Project Zero’s Clem Lecinge’s Hexacon talk, Apple’s new iOS update rebooting iPhones in law enforcement custody, the mysterious GoblinRAT backdoor, and physical ‘meatspace’ Bitcoin attacks and more details on North Korean cryptocurrency theft.

Cast: Juan Andres Guerrero-Saade (SentinelLabs), Costin Raiu (Art of Noh) and Ryan Naraine (SecurityWeek).

Links:

• Transcript (unedited, AI-generated)
• iPhones mysteriously rebooting themselves
• Apple quietly ships iPhone reboot code
• FBI on China hacking US presidential campaigns iPhones
• Chinese hackers Targeted Phones of Trump, Vance, Harris Campaigns
• Palo Alto: EDR Bypass Testing Reveals Threat Actor's Toolkit
• Palo Alto CVE-2024-5910 marked as exploited
• Toronto crypto company CEO kidnapped
• A list of known 'meatspace' crypto attacks
• North Korea crypto thieves targets macOS