Costin G. Raiu (@craiu)

War in Iran, Anthropic v Pentagon, Trenchant zero-day sanctions, AI stock market shocks - Security Conversations (Presented by Thinkst Canary: Most Companies find out way too late that they’ve been breached. Thinkst Canary changes this. Deploy Canaries and Canarytokens in minutes […]

POD UP ALERT! (Presented by @thinkstcanary.canary.tools)

War in Iran + cyber capabilities and proxy risks; Anthropic’s clash with the Pentagon; market shockwaves from AI-driven security tools; mass layoffs tied to automation; Trenchant exec sentencing and sanctions in the exploit trade...

28.02.2026 19:35 👍 7 🔁 5 💬 2 📌 1

A destructive cyberattack in Poland raises NATO 'red-line' questions - Security Conversations (Presented by Material Security: We protect your company’s most valuable materials — the emails, files, and accounts that live in your Google Workspace and Microsoft […]

🔥 #ThreeBuddyProblem Ep83 has been pushed to your earholes. Poland CERT on Russian wipers, Sandworm or not Sandworm, new FortIvanti nightmares + some KasperSekrets chit-chat @craiu.bsky.social @jags.bsky.social

securityconversations.com/episode/a-de...

30.01.2026 20:20 👍 7 🔁 4 💬 1 📌 1

Cheap, AI-generated zero-days and the real meaning of ‘advanced’ malware - Security Conversations (Presented by Material Security: We protect your company’s most valuable materials — the emails, files, and accounts that live in your Google Workspace and Microsoft […]

🌨️ ❄️ Here's a fresh episode of the problem to help you brave the bad weather this weekend (sponsored by Material Security) @craiu.bsky.social @jags.bsky.social

LISTEN securityconversations.com/episode/chea...

23.01.2026 20:06 👍 5 🔁 4 💬 1 📌 0

Live updates: Trump keeping Machado’s Nobel prize after Venezuelan opposition leader presents it to him | CNN Politics Venezuelan opposition leader María Corina Machado, the 2025 Nobel Peace Prize winner, met with President Donald Trump today. Follow for live updates.

Sources: US officials are telling multiple agencies, including FBI, to pull pple from attending the RSA conference after Jen Easterly, who led CISA under Biden, was named RSAC CEO: www.cnn.com/politics/liv...

16.01.2026 03:29 👍 31 🔁 21 💬 4 📌 9

A special mailbag episode with book recommendations YouTube video by Three Buddy Problem

This week's Three Buddy Problem show is presented by Material Security and includes book-reading recommendations from @craiu.bsky.social and @jags.bsky.social

WATCH youtu.be/mY9rRd1Wm_I?...

05.01.2026 18:21 👍 10 🔁 4 💬 1 📌 1

Hamid Kashfi on the situation in Iran; Did cyber cause Venezuela blackouts? - Security Conversations (Presented by Material Security: We protect your company’s most valuable materials — the emails, files, and accounts that live in your Google Workspace and Microsoft […]

NEW!! (Presented by Material Security). We talk about the escalating protests in Iran, the expected cyber effects, and parallels with cyber operations and Venezuela power cuts. @craiu.bsky.social @jags.bsky.social @darkcell.bsky.social

securityconversations.com/episode/hami...

09.01.2026 20:09 👍 4 🔁 3 💬 2 📌 0

https://medium.com/@costin.raiu/the-cybersecurity-booklist-11-must-reads-for-2026-from-the-three-buddy-problem-podcast-ef8216958bd3

The Cybersecurity Booklist: 11 Must-Reads for 2026 from The Three Buddy Problem Podcast: t.co/XuM7Bd0MXh @ryanaraine.bsky.social @jags.bsky.social

10.01.2026 10:15 👍 6 🔁 3 💬 0 📌 0

This weekend's problem is up on YouTube. Shoutout to ThreatLocker for supporting the show! @craiu.bsky.social @jags.bsky.social
www.youtube.com/watch?v=LR9F...

13.12.2025 16:18 👍 3 🔁 2 💬 0 📌 1

!! BRAND NEW Three Buddy Problem, on React2Shell, BRICKSTORM, .gov surveillance madness, and AI agents finding smart contracts exploits @craiu.bsky.social @jags.bsky.social

LISTEN EVERYWHERE pod.link/1414525622

(Presented by ThreatLocker)

06.12.2025 18:50 👍 7 🔁 6 💬 1 📌 1

Gemini 3, Fortinet/Chrome zero-days, Cloudflare monoculture YouTube video by Three Buddy Problem

This week's problem is up on YouTube @craiu.bsky.social @jags.bsky.social (Presented by Material Security)
youtu.be/75F-z1OvpYU?...

21.11.2025 21:58 👍 7 🔁 2 💬 0 📌 0

Shai-Hulud 2.0, Russia GRU Intrusions, and Microsoft’s Regulatory Capture - Security Conversations (Presented by Material Security: We protect your company’s most valuable materials — the emails, files, and accounts that live in your Google Workspace and Microsoft […]

NEW podcast alert!
@jags.bsky.social @craiu.bsky.social
securityconversations.com/episode/shai...

29.11.2025 19:00 👍 5 🔁 2 💬 1 📌 2

OpenAI's Dave Aitel on using Aardvark to audit cryptocurrency smart contracts @craiu.bsky.social @daveaitel.bsky.social

01.11.2025 18:06 👍 6 🔁 2 💬 1 📌 0

Three Buddy Problem, Ottawa, Canada. @craiu.bsky.social @jags.bsky.social

08.11.2025 22:28 👍 13 🔁 1 💬 1 📌 0

OpenAI’s Dave Aitel talks Aardvark, economics of bug-hunting with LLMs YouTube video by Three Buddy Problem

This week's show features OpenAI's Dave Aitel and is up on YouTube @daveaitel.bsky.social @jags.bsky.social @craiu.bsky.social
youtu.be/EwMJsU8klZ0?...

31.10.2025 21:00 👍 9 🔁 3 💬 1 📌 1

Apple’s iOS forensics freeze, WhatsApp zero-click, China outs NSA - Security Conversations Three Buddy Problem – Episode 69: We dig into news that Apple's iOS 26 has quietly killed the shutdown.log forensic artifact used to spot signs […]

New episode ALERT! @craiu.bsky.social @jags.bsky.social

News on Apple's iOS 26 quietly killing shutdown.log forensic artifact, a million-dollar WhatsApp zero-click that never materialized, Chinese threat intel reports pointing fingers at the NSA...

securityconversations.com/episode/appl...

24.10.2025 19:17 👍 6 🔁 3 💬 0 📌 1

Costin's advice for threat hunters: Look at Ukraine CERT reports YouTube video by Three Buddy Problem

Costin with some advice for threat hunters @craiu.bsky.social @jags.bsky.social
youtube.com/shorts/z6fX1...

29.09.2025 16:17 👍 7 🔁 3 💬 1 📌 0

Apple Exploit-Chain Bounties, Tactical Wi-Fi Exploit Suitcases YouTube video by Three Buddy Problem

An all-new Three Buddy Problem for your weekend earholes. Apple exploits chains, Oracle + ransomware, Ivanti 0days, VT pricing tiers @craiu.bsky.social @jags.bsky.social
youtu.be/qPj9_8azAvk?...

12.10.2025 14:19 👍 6 🔁 4 💬 0 📌 0

26.09.2025 07:41 👍 358 🔁 47 💬 18 📌 5

"The best netflow comes from asking friends for favors." -- @jags.bsky.social @craiu.bsky.social

14.06.2025 16:16 👍 9 🔁 2 💬 1 📌 1

[FR][EN]Our last report on Storm-1516, a russian information manipulation set (IMS) likely to affect the French and European debate.

So proud of my team!

Feel free to share and enjoy. #FIMI

07.05.2025 09:30 👍 23 🔁 6 💬 1 📌 0

Three Buddy Problem Technology Podcast · Updated Weekly · The Three Buddy Problem is a popular Security Conversations podcast that goes beyond industry talking points to discuss what others won’t -- nation-state malware,...

🔥 NEW pod alert! Signalgate and Signal's ID management nightmares, who's the mysterious APT caught in Russia, the return of Lab Dookhtegan and coordinated hack-for-leak ops @craiu.bsky.social @jags.bsky.social

Apple: bit.ly/3budprob
YouTube: bit.ly/TBP-YT
Spotify: bit.ly/3DH5wEO

28.03.2025 19:49 👍 9 🔁 3 💬 0 📌 1

This week, four buddies, no problems! Katie Moussouris is joining the show 🌺

Set your alarms ⏰

Spotify: bit.ly/3DH5wEO
Apple: bit.ly/3budprob
YouTube: bit.ly/TBP-YT

@k8em0.bsky.social @craiu.bsky.social @jags.bsky.social

20.03.2025 18:09 👍 23 🔁 6 💬 1 📌 2

A half-dozen Microsoft zero-days, Juniper router backdoors, advanced bootkit hunting - Security Conversations Three Buddy Problem – Episode 38: On the show this week, we look at a hefty batch of Microsoft zero-days exploited in the wild, iOS […]

A brand-new pod for your weekend earholes. The show is available on all platforms @craiu.bsky.social @jags.bsky.social
securityconversations.com/episode/a-ha...

14.03.2025 20:10 👍 14 🔁 3 💬 0 📌 1

Ryan Naraine on LinkedIn: #threebuddyproblem 🇨🇳 🇺🇸 On the pod, we unpacked a new report on what China knows about NSA intrusions 🕵‍♀️ Costin Raiu #ThreeBuddyProblem

🇨🇳🇺🇸🕵️ On the pod, we unpacked a new report on what China knows about NSA intrusions @jags.bsky.social @craiu.bsky.social www.linkedin.com/posts/ryanar...

26.02.2025 15:21 👍 7 🔁 2 💬 1 📌 0

Good news, there appear to be no need to cancel the results of the German elections!

23.02.2025 18:13 👍 12 🔁 2 💬 3 📌 0

An 'extremely sophisticated' iPhone hack; Google flags major AMD microcode bug

Three Buddy Problem heads-up: The pod will be a day late this week because of travel schedules.

Catch up on Spotify open.spotify.com/show/6dXbRag...

21.02.2025 18:23 👍 10 🔁 3 💬 0 📌 0

Tuned in to listen to a pretty nuanced take on Salt Typhoon, got jump scared by @jags.bsky.social mentioning my name lol

08.01.2025 00:52 👍 14 🔁 3 💬 0 📌 0

With buddies @ryanaraine.bsky.social and @jags.bsky.social

04.01.2025 20:52 👍 1 🔁 1 💬 1 📌 0

US Treasury hacked via BeyondTrust, MISP and the threat actor naming mess - Security Conversations Three Buddy Problem – Episode 28: In this episode, we explore the ongoing challenges of threat actor naming in cybersecurity and the confusion caused by […]

Three Buddy Problem Episode 28 - the first of 2025, is out! We discuss the US Treasury/BeyondTrust hack, APT group naming bad examples of bad examples, a new variant of the Xdr33 malware and exclusive new information on the Cyberhaven hack. securityconversations.com/episode/us-t...

04.01.2025 20:51 👍 16 🔁 8 💬 2 📌 2

Getting Cheated in a Videogame Led Him to a World of Online Crime At 16, Ricky Handschumacher was a high-school baseball star. A decade later, he was facing federal prison for stealing cryptocurrency.

“Today, more seasoned hackers are recruiting kids from the gaming world, said Allison Nixon, chief research officer at online investigations firm Unit 221B. ‘There’s a talent pool in those videogames that can be drawn from and fraud groups have realized this.’”

www.wsj.com/tech/cyberse...

31.12.2024 10:53 👍 17 🔁 6 💬 0 📌 2

Costin G. Raiu

Latest posts by Costin G. Raiu @craiu