

Three Buddy Problem
Security Conversations
The Three Buddy Problem is a popular Security Conversations podcast that goes beyond industry talking points to discuss what others won’t -- nation-state malware, attribution, cyberwar, ethics, privacy, and the messy realities of securing computers and corporate networks.
Hosted by three veteran security pros -- journalist Ryan Naraine and malware paleontologists Costin Raiu and Juan Andres Guerrero-Saade -- the weekly show attracts a highly engaged audience of security researchers, corporate defenders, CISOs, and policymakers.
Connect with Ryan on Twitter (Open DMs).
Episodes

18 snips
Feb 13, 2026 • 2h 31min
Palo Alto and the uncomfortable politics of APT attribution
They unpack drone incursions over El Paso and whether cartels, anti‑drone tests, or hybrid warfare are to blame. They cover the Notepad++ supply chain fallout and new IOCs. They discuss Microsoft’s streak of exploited zero‑days and AI‑expanded attack surfaces. They dig into Apple’s zero‑click iOS exploits, Europe’s turn toward offensive cyber, and the politics around attributing major hacks.

10 snips
Feb 8, 2026 • 2h 18min
From Epstein to Notepad++: Redactions, Zero-Days and Supply Chain Attacks
They dig into how sloppy redactions crumble under OCR and AI, making sensitive names and attachments easy to recover. They unpack a high-profile Notepad++ supply-chain compromise and how attackers abused update flows and kernels. The conversation also covers AI-driven vulnerability discovery, a China-linked gateway-monitoring framework, and how Lockdown Mode stymied forensic access.

51 snips
Jan 30, 2026 • 2h 53min
A destructive cyberattack in Poland raises NATO 'red-line' questions
A detailed report on a rare destructive wiper attack against Polish infrastructure and why it may cross NATO red lines. Conversations about precise attribution, vendor responsibility, and how compromised VPN and Fortinet appliances enabled persistence. Coverage of urgent patches, new exploited zero-days, and the resurfacing of the mysterious KasperSekrets account.

Jan 23, 2026 • 2h 9min
Cheap, AI-generated zero-days and the real meaning of ‘advanced’ malware
They unpack claims that a malware framework may have been built by AI and what artifacts reveal about its creation. They debate whether AI lets low-cost actors produce advanced exploits and why verification and benchmarks matter. They cover a surge of noisy AI bug reports, new CISA YARA rules, a wiper used against Poland's grid, and risks around cloud keys and edge device compromises.

24 snips
Jan 16, 2026 • 2h 25min
Google Pixel 'zero-click' exploit caused by AI, mysterious Poland grid attacks, China bans US cybersecurity software
The hosts dive into intriguing discussions on the precision of U.S. cyber operations in Venezuela and the implications of private sector involvement in offensive cyber tactics. They uncover a mysterious, failed cyber attack on Poland's power grid, exploring its technical nuances and the need for better forensic understanding. The episode also highlights China's ban on U.S. cybersecurity software and the unsettling zero-click vulnerabilities linked to AI features in Google's Pixel. An engaging look at emerging threats and geopolitical cyber dynamics unfolds!

17 snips
Jan 9, 2026 • 2h 14min
Hamid Kashfi on the situation in Iran; Did cyber cause Venezuela blackouts?
Hamid Kashfi, a security researcher focused on Iran's cyber operations, dives into the current tensions in Iran, discussing the economic factors behind the protests and the impact of government surveillance. He unpacks how censorship and information control play a role in shaping public sentiment. Additionally, the conversation shifts to Venezuela, where they explore whether cyber operations contributed to widespread blackouts amid ongoing political turmoil. Kashfi also touches on the implications of leaked data and strategies for undermining regime surveillance.

4 snips
Jan 2, 2026 • 3h 1min
A special mailbag episode with book recommendations
The hosts dive into the controversial landscape of AI, debating its misuse and the need for guiding principles. They tackle the alarming MongoBleed vulnerabilities and their impact on security. Insights into ransomware response and the ethics surrounding synthetic content spark lively discussions. In a special mailbag segment, they share book recommendations, revealing their favorite reads and the merits of audiobooks versus physical books. Tune in for a blend of tech insights and literary suggestions!

21 snips
Dec 26, 2025 • 3h 19min
Quiet Wins, Loud Failures: A Year-End Cybersecurity Reckoning
This podcast dives into the bizarre fallout from a CISA polygraph scandal and highlights key cybersecurity stories of the year. It explores vital yet underfunded ransomware pre-notification efforts and discusses the implications of the FCC's foreign drone ban. AI advancements are debated, focusing on coding reliability and security research. The hosts also analyze the troubling intersection of commercial spyware and geopolitics, along with a deep dive into North Korean crypto operations and innovative edge honeypots used in Chinese cyber campaigns.

12 snips
Dec 20, 2025 • 2h 2min
What's behind US gov push to 'privatize' offensive cyber operations?
The discussion delves into the U.S. government's new strategy to enlist private firms for offensive cyber operations. They explore the implications of legal complexities surrounding letters of marque for cartels. Insight is provided on the emergence of vulnerabilities, including Apple and Cisco zero-days. The discovery of Belarusian spyware targeting journalists is alarming. Amazon's detection of a North Korean infiltrator through unique keystroke lag adds a twist, showcasing the intersection of advanced technology with security challenges.

5 snips
Dec 11, 2025 • 2h 12min
Legal corruption, React2Shell exploitation, dual-use AI risks
A Romanian documentary ignites nationwide protests, exposing the insidious nature of legal corruption and the public's demand for accountability. The conversation shifts to the growing threat of React2Shell exploitation, detailing technical challenges and the difficulties of patching vulnerable components. The hosts critique Microsoft's transparency issues and highlight the evolving landscape where advanced persistent threats meet criminal exploits. They also explore the dual-use risks of AI, questioning its rapid advancements in penetration testing capabilities.


