Three Buddy Problem - Episode 52: Fresh intelligence reports out of Europe and China: France’s ANSSI documents a string of Ivanti VPN zero-days ('Houken'), and Quanxin frames a stealth Microsoft Exchange-zero-day chain linked to a North American 'Night Eagle' threat actor. We dissect the technical bread-crumbs, questions the attribution math, and connects Houken to SentinelOne’s “Purple Haze” research.

Plus, the FBI’s claim that China’s “Salt Typhoon” has been “contained,” Iran’s Nobitex crypto-exchange breach (Predatory Sparrow torches $90 million and leaks the source code), Iranian cyber capabilities and sanctions avoidance.

Cast: Juan Andres Guerrero-Saade, Ryan Naraine and Costin Raiu.

Links:

• Transcript (unedited, AI-generated)
• Houken: Seeking a path by living on the edge with zero-days
• China-nexus APTs recon on top-tier targets
• French cybersecurity agency confirms government affected by Ivanti hacks
• Top FBI cyber official: Salt Typhoon ‘largely contained’
• Operation Blockbuster (Novetta)
• Israel-Iran cyberwar: Predatory Sparrow, vanishing crypto, bank hacks
• Inside the Nobitex Breach: What the Leaked Source Code Reveals About Iran’s Crypto Infrastructure
• cisagov/thorium