
The greatest APT hunter of all time, Apple's exploit kit problem, Microsoft FedRAMP mess
From Three Buddy Problem by Security Conversations
March 20, 2026 · 2h 27m
About this episode
The episode discusses the legacy of legendary malware hunter Sergey Mineev, recent iOS exploit discoveries, and various cybersecurity issues including Microsoft's FedRAMP problems and AI policy developments.
( Presented by Thinkst Canary : Most Companies find out way too late that they’ve been breached. Thinkst Canary changes this. Deploy Canaries and Canarytokens in minutes and then forget about them. Attackers tip their hand by touching ’em giving you the one alert, when it matters. With zero admin overhead and almost no false-positives, Canaries are deployed (and loved) on all 7 continents. ) Three Buddy Problem - Episode 90 : We remember GReAT teammate Sergey Mineev, the legendary malware hunter behind discoveries like Equation Group and Project Sauron (Remsec), including stories about his methods and why he was the best to ever do it. Plus, another in-the-wild iOS exploit kit discovery and a long overdue conversation about Apple's responsibility to hundreds of millions of users on older iOS versions; the ProPublica Microsoft/FedRAMP bombshell, Interlock ransomware sitting on a Cisco zero-day, the White House AI policy framework, and Supermicro co-founder $2.5 billion AI chip smuggling bust. Cast: Juan Andres Guerrero-Saade , Ryan Naraine and Costin Raiu . Links: Transcript Thinkst Canary Equation Group: The Crown Creator of Cyber-Espionage The Project Sauron APT Google: The…
People in this episode
Hosts: Juan Andres Guerrero-Saade, Ryan Naraine, Costin Raiu
Topics covered
- APT hunting
- malware discovery
- iOS exploits
- cybersecurity
- AI policy
- ransomware
Keywords
- APT hunter
- malware
- iOS exploit kit
- Microsoft FedRAMP
- ransomware
- AI policy
- cybersecurity
Sponsors
Thinkst Canary
Mentioned in this episode
Organizations: Apple, Microsoft, ProPublica, Cisco, Supermicro
Products: iOS, DarkSword
More episodes of Three Buddy Problem
- Mythos, Fable, and Anthropic's Big Trust Problem · June 12, 2026 · 1h 59m
- Fast16, Fanny, and Stuxnet: Cyber Paleontology Redux · June 5, 2026 · 2h 24m
- Microsoft Threatens Vuln Researchers; Shadow Brokers Revisited · May 30, 2026 · 1h 60m
- Aaron Portnoy on Pwn2Own, the End of Easy Bugs, and AI-Fueled Offense · May 27, 2026 · 40 min
- Perri Adams on Proof Engines, LLMs, and the New Era of Verifiable Code · May 26, 2026 · 40 min
- Find 50,000 Bugs, Fix Zero: Gabriel Bernadett-Shapiro on the AI Vuln Trap · May 26, 2026 · 50 min
Explore listener stats, chart rankings, contacts and more on the Three Buddy Problem podcast page.