Three Buddy Problem - Episode 16: We break down the new GCHQ advisory on the history and tactics of Russia’s APT29, the challenges of tracking and defending against these sophisticated espionage programs, the mysterious Salt Typhoon intrusions, the absence of technical indicators (IOCs), the risks of supply chain attacks. We also touch on the surge in zero-day discoveries, the nonstop flow of exploited Ivanti security bugs, and why the CSRB should investigate these network edge device and appliance vendors.

Cast: Juan Andres Guerrero-Saade (SentinelLabs), Costin Raiu (Art of Noh) and Ryan Naraine (SecurityWeek).

Links:

• NCSC exposé on SVR/APT29 history and tactics
• APT29 / Midnight Blizzard
• VIDEO: A Surprise Encounter With A Telco APT
• The Athens Affair - IEEE Spectrum — How some extremely smart hackers pulled off the most audacious cell-network break-in ever
• Wikipedia: The Athens Affair
• WSJ report on Salt Typhoon hacks
• In-the-wild zero-day counter
• Microsoft Confirms Exploited Zero-Day in Windows Management Console