Costin G. Raiu
@craiu.bsky.social
Romanian antihacker from another planet. #threatintel #yara #chess #taekwondo black belt
Motto: "One reboot a day keeps the implant away"
Motto: "One reboot a day keeps the implant away"
Reposted by Costin G. Raiu
Sources: US officials are telling multiple agencies, including FBI, to pull pple from attending the RSA conference after Jen Easterly, who led CISA under Biden, was named RSAC CEO: www.cnn.com/politics/liv...
Live updates: Trump keeping Machado’s Nobel prize after Venezuelan opposition leader presents it to him | CNN Politics
Venezuelan opposition leader María Corina Machado, the 2025 Nobel Peace Prize winner, met with President Donald Trump today. Follow for live updates.
www.cnn.com
January 16, 2026 at 3:29 AM
Sources: US officials are telling multiple agencies, including FBI, to pull pple from attending the RSA conference after Jen Easterly, who led CISA under Biden, was named RSAC CEO: www.cnn.com/politics/liv...
Reposted by Costin G. Raiu
This week's Three Buddy Problem show is presented by Material Security and includes book-reading recommendations from @craiu.bsky.social and @jags.bsky.social
WATCH youtu.be/mY9rRd1Wm_I?...
WATCH youtu.be/mY9rRd1Wm_I?...
A special mailbag episode with book recommendations
YouTube video by Three Buddy Problem
youtu.be
January 5, 2026 at 6:21 PM
This week's Three Buddy Problem show is presented by Material Security and includes book-reading recommendations from @craiu.bsky.social and @jags.bsky.social
WATCH youtu.be/mY9rRd1Wm_I?...
WATCH youtu.be/mY9rRd1Wm_I?...
Reposted by Costin G. Raiu
NEW!! (Presented by Material Security). We talk about the escalating protests in Iran, the expected cyber effects, and parallels with cyber operations and Venezuela power cuts. @craiu.bsky.social @jags.bsky.social @darkcell.bsky.social
securityconversations.com/episode/hami...
securityconversations.com/episode/hami...
Hamid Kashfi on the situation in Iran; Did cyber cause Venezuela blackouts? - Security Conversations
(Presented by Material Security: We protect your company’s most valuable materials — the emails, files, and accounts that live in your Google Workspace and Microsoft […]
securityconversations.com
January 9, 2026 at 8:09 PM
NEW!! (Presented by Material Security). We talk about the escalating protests in Iran, the expected cyber effects, and parallels with cyber operations and Venezuela power cuts. @craiu.bsky.social @jags.bsky.social @darkcell.bsky.social
securityconversations.com/episode/hami...
securityconversations.com/episode/hami...
The Cybersecurity Booklist: 11 Must-Reads for 2026 from The Three Buddy Problem Podcast: t.co/XuM7Bd0MXh @ryanaraine.bsky.social @jags.bsky.social
https://medium.com/@costin.raiu/the-cybersecurity-booklist-11-must-reads-for-2026-from-the-three-buddy-problem-podcast-ef8216958bd3
t.co
January 10, 2026 at 10:15 AM
The Cybersecurity Booklist: 11 Must-Reads for 2026 from The Three Buddy Problem Podcast: t.co/XuM7Bd0MXh @ryanaraine.bsky.social @jags.bsky.social
Reposted by Costin G. Raiu
This weekend's problem is up on YouTube. Shoutout to ThreatLocker for supporting the show! @craiu.bsky.social @jags.bsky.social
www.youtube.com/watch?v=LR9F...
www.youtube.com/watch?v=LR9F...
December 13, 2025 at 4:18 PM
This weekend's problem is up on YouTube. Shoutout to ThreatLocker for supporting the show! @craiu.bsky.social @jags.bsky.social
www.youtube.com/watch?v=LR9F...
www.youtube.com/watch?v=LR9F...
Reposted by Costin G. Raiu
!! BRAND NEW Three Buddy Problem, on React2Shell, BRICKSTORM, .gov surveillance madness, and AI agents finding smart contracts exploits @craiu.bsky.social @jags.bsky.social
LISTEN EVERYWHERE pod.link/1414525622
(Presented by ThreatLocker)
LISTEN EVERYWHERE pod.link/1414525622
(Presented by ThreatLocker)
December 6, 2025 at 6:51 PM
!! BRAND NEW Three Buddy Problem, on React2Shell, BRICKSTORM, .gov surveillance madness, and AI agents finding smart contracts exploits @craiu.bsky.social @jags.bsky.social
LISTEN EVERYWHERE pod.link/1414525622
(Presented by ThreatLocker)
LISTEN EVERYWHERE pod.link/1414525622
(Presented by ThreatLocker)
Reposted by Costin G. Raiu
This week's problem is up on YouTube @craiu.bsky.social @jags.bsky.social (Presented by Material Security)
youtu.be/75F-z1OvpYU?...
youtu.be/75F-z1OvpYU?...
Gemini 3, Fortinet/Chrome zero-days, Cloudflare monoculture
YouTube video by Three Buddy Problem
youtu.be
November 21, 2025 at 9:58 PM
This week's problem is up on YouTube @craiu.bsky.social @jags.bsky.social (Presented by Material Security)
youtu.be/75F-z1OvpYU?...
youtu.be/75F-z1OvpYU?...
Reposted by Costin G. Raiu
Reposted by Costin G. Raiu
OpenAI's Dave Aitel on using Aardvark to audit cryptocurrency smart contracts @craiu.bsky.social @daveaitel.bsky.social
November 1, 2025 at 6:06 PM
OpenAI's Dave Aitel on using Aardvark to audit cryptocurrency smart contracts @craiu.bsky.social @daveaitel.bsky.social
Reposted by Costin G. Raiu
Three Buddy Problem, Ottawa, Canada. @craiu.bsky.social @jags.bsky.social
November 8, 2025 at 10:29 PM
Three Buddy Problem, Ottawa, Canada. @craiu.bsky.social @jags.bsky.social
Reposted by Costin G. Raiu
This week's show features OpenAI's Dave Aitel and is up on YouTube @daveaitel.bsky.social @jags.bsky.social @craiu.bsky.social
youtu.be/EwMJsU8klZ0?...
youtu.be/EwMJsU8klZ0?...
OpenAI’s Dave Aitel talks Aardvark, economics of bug-hunting with LLMs
YouTube video by Three Buddy Problem
youtu.be
October 31, 2025 at 9:00 PM
This week's show features OpenAI's Dave Aitel and is up on YouTube @daveaitel.bsky.social @jags.bsky.social @craiu.bsky.social
youtu.be/EwMJsU8klZ0?...
youtu.be/EwMJsU8klZ0?...
Reposted by Costin G. Raiu
New episode ALERT! @craiu.bsky.social @jags.bsky.social
News on Apple's iOS 26 quietly killing shutdown.log forensic artifact, a million-dollar WhatsApp zero-click that never materialized, Chinese threat intel reports pointing fingers at the NSA...
securityconversations.com/episode/appl...
News on Apple's iOS 26 quietly killing shutdown.log forensic artifact, a million-dollar WhatsApp zero-click that never materialized, Chinese threat intel reports pointing fingers at the NSA...
securityconversations.com/episode/appl...
Apple’s iOS forensics freeze, WhatsApp zero-click, China outs NSA - Security Conversations
Three Buddy Problem – Episode 69: We dig into news that Apple's iOS 26 has quietly killed the shutdown.log forensic artifact used to spot signs […]
securityconversations.com
October 24, 2025 at 7:17 PM
New episode ALERT! @craiu.bsky.social @jags.bsky.social
News on Apple's iOS 26 quietly killing shutdown.log forensic artifact, a million-dollar WhatsApp zero-click that never materialized, Chinese threat intel reports pointing fingers at the NSA...
securityconversations.com/episode/appl...
News on Apple's iOS 26 quietly killing shutdown.log forensic artifact, a million-dollar WhatsApp zero-click that never materialized, Chinese threat intel reports pointing fingers at the NSA...
securityconversations.com/episode/appl...
Reposted by Costin G. Raiu
Costin with some advice for threat hunters @craiu.bsky.social @jags.bsky.social
youtube.com/shorts/z6fX1...
youtube.com/shorts/z6fX1...
Costin's advice for threat hunters: Look at Ukraine CERT reports
YouTube video by Three Buddy Problem
youtube.com
September 29, 2025 at 4:17 PM
Costin with some advice for threat hunters @craiu.bsky.social @jags.bsky.social
youtube.com/shorts/z6fX1...
youtube.com/shorts/z6fX1...
Reposted by Costin G. Raiu
An all-new Three Buddy Problem for your weekend earholes. Apple exploits chains, Oracle + ransomware, Ivanti 0days, VT pricing tiers @craiu.bsky.social @jags.bsky.social
youtu.be/qPj9_8azAvk?...
youtu.be/qPj9_8azAvk?...
Apple Exploit-Chain Bounties, Tactical Wi-Fi Exploit Suitcases
YouTube video by Three Buddy Problem
youtu.be
October 12, 2025 at 2:19 PM
An all-new Three Buddy Problem for your weekend earholes. Apple exploits chains, Oracle + ransomware, Ivanti 0days, VT pricing tiers @craiu.bsky.social @jags.bsky.social
youtu.be/qPj9_8azAvk?...
youtu.be/qPj9_8azAvk?...
Reposted by Costin G. Raiu
Reposted by Costin G. Raiu
"The best netflow comes from asking friends for favors." -- @jags.bsky.social @craiu.bsky.social
June 14, 2025 at 4:16 PM
"The best netflow comes from asking friends for favors." -- @jags.bsky.social @craiu.bsky.social
Reposted by Costin G. Raiu
[FR][EN]Our last report on Storm-1516, a russian information manipulation set (IMS) likely to affect the French and European debate.
So proud of my team!
Feel free to share and enjoy. #FIMI
So proud of my team!
Feel free to share and enjoy. #FIMI
VIGINUM publie un rapport sur les activités de Storm-1516, un mode opératoire informationnel russe susceptible d’affecter le débat public francophone et européen.
Ce rapport s'appuie sur l'analyse de 77 opérations informationnelles conduites par Storm-1516 ➡️ www.sgdsn.gouv.fr/publications...
Ce rapport s'appuie sur l'analyse de 77 opérations informationnelles conduites par Storm-1516 ➡️ www.sgdsn.gouv.fr/publications...
May 7, 2025 at 9:30 AM
[FR][EN]Our last report on Storm-1516, a russian information manipulation set (IMS) likely to affect the French and European debate.
So proud of my team!
Feel free to share and enjoy. #FIMI
So proud of my team!
Feel free to share and enjoy. #FIMI
Reposted by Costin G. Raiu
🔥 NEW pod alert! Signalgate and Signal's ID management nightmares, who's the mysterious APT caught in Russia, the return of Lab Dookhtegan and coordinated hack-for-leak ops @craiu.bsky.social @jags.bsky.social
Apple: bit.ly/3budprob
YouTube: bit.ly/TBP-YT
Spotify: bit.ly/3DH5wEO
Apple: bit.ly/3budprob
YouTube: bit.ly/TBP-YT
Spotify: bit.ly/3DH5wEO
Three Buddy Problem
Technology Podcast · Updated Weekly · The Three Buddy Problem is a popular Security Conversations podcast that goes beyond industry talking points to discuss what others won’t -- nation-state malware,...
bit.ly
March 28, 2025 at 7:49 PM
🔥 NEW pod alert! Signalgate and Signal's ID management nightmares, who's the mysterious APT caught in Russia, the return of Lab Dookhtegan and coordinated hack-for-leak ops @craiu.bsky.social @jags.bsky.social
Apple: bit.ly/3budprob
YouTube: bit.ly/TBP-YT
Spotify: bit.ly/3DH5wEO
Apple: bit.ly/3budprob
YouTube: bit.ly/TBP-YT
Spotify: bit.ly/3DH5wEO
Reposted by Costin G. Raiu
This week, four buddies, no problems! Katie Moussouris is joining the show 🌺
Set your alarms ⏰
Spotify: bit.ly/3DH5wEO
Apple: bit.ly/3budprob
YouTube: bit.ly/TBP-YT
@k8em0.bsky.social @craiu.bsky.social @jags.bsky.social
Set your alarms ⏰
Spotify: bit.ly/3DH5wEO
Apple: bit.ly/3budprob
YouTube: bit.ly/TBP-YT
@k8em0.bsky.social @craiu.bsky.social @jags.bsky.social
March 20, 2025 at 6:09 PM
This week, four buddies, no problems! Katie Moussouris is joining the show 🌺
Set your alarms ⏰
Spotify: bit.ly/3DH5wEO
Apple: bit.ly/3budprob
YouTube: bit.ly/TBP-YT
@k8em0.bsky.social @craiu.bsky.social @jags.bsky.social
Set your alarms ⏰
Spotify: bit.ly/3DH5wEO
Apple: bit.ly/3budprob
YouTube: bit.ly/TBP-YT
@k8em0.bsky.social @craiu.bsky.social @jags.bsky.social
Reposted by Costin G. Raiu
A brand-new pod for your weekend earholes. The show is available on all platforms @craiu.bsky.social @jags.bsky.social
securityconversations.com/episode/a-ha...
securityconversations.com/episode/a-ha...
A half-dozen Microsoft zero-days, Juniper router backdoors, advanced bootkit hunting - Security Conversations
Three Buddy Problem – Episode 38: On the show this week, we look at a hefty batch of Microsoft zero-days exploited in the wild, iOS […]
securityconversations.com
March 14, 2025 at 8:10 PM
A brand-new pod for your weekend earholes. The show is available on all platforms @craiu.bsky.social @jags.bsky.social
securityconversations.com/episode/a-ha...
securityconversations.com/episode/a-ha...
Reposted by Costin G. Raiu
🇨🇳🇺🇸🕵️ On the pod, we unpacked a new report on what China knows about NSA intrusions @jags.bsky.social @craiu.bsky.social www.linkedin.com/posts/ryanar...
Ryan Naraine on LinkedIn: #threebuddyproblem
🇨🇳 🇺🇸 On the pod, we unpacked a new report on what China knows about NSA intrusions 🕵♀️ Costin Raiu #ThreeBuddyProblem
www.linkedin.com
February 26, 2025 at 3:21 PM
🇨🇳🇺🇸🕵️ On the pod, we unpacked a new report on what China knows about NSA intrusions @jags.bsky.social @craiu.bsky.social www.linkedin.com/posts/ryanar...
Reposted by Costin G. Raiu
Good news, there appear to be no need to cancel the results of the German elections!
February 23, 2025 at 6:13 PM
Good news, there appear to be no need to cancel the results of the German elections!
Reposted by Costin G. Raiu
Three Buddy Problem heads-up: The pod will be a day late this week because of travel schedules.
Catch up on Spotify open.spotify.com/show/6dXbRag...
Catch up on Spotify open.spotify.com/show/6dXbRag...
An 'extremely sophisticated' iPhone hack; Google flags major AMD microcode bug
open.spotify.com
February 21, 2025 at 6:23 PM
Three Buddy Problem heads-up: The pod will be a day late this week because of travel schedules.
Catch up on Spotify open.spotify.com/show/6dXbRag...
Catch up on Spotify open.spotify.com/show/6dXbRag...
Reposted by Costin G. Raiu
Tuned in to listen to a pretty nuanced take on Salt Typhoon, got jump scared by @jags.bsky.social mentioning my name lol
Three Buddy Problem Episode 28 - the first of 2025, is out! We discuss the US Treasury/BeyondTrust hack, APT group naming bad examples of bad examples, a new variant of the Xdr33 malware and exclusive new information on the Cyberhaven hack. securityconversations.com/episode/us-t...
US Treasury hacked via BeyondTrust, MISP and the threat actor naming mess - Security Conversations
Three Buddy Problem – Episode 28: In this episode, we explore the ongoing challenges of threat actor naming in cybersecurity and the confusion caused by […]
securityconversations.com
January 8, 2025 at 12:52 AM
Tuned in to listen to a pretty nuanced take on Salt Typhoon, got jump scared by @jags.bsky.social mentioning my name lol
Three Buddy Problem Episode 28 - the first of 2025, is out! We discuss the US Treasury/BeyondTrust hack, APT group naming bad examples of bad examples, a new variant of the Xdr33 malware and exclusive new information on the Cyberhaven hack. securityconversations.com/episode/us-t...
US Treasury hacked via BeyondTrust, MISP and the threat actor naming mess - Security Conversations
Three Buddy Problem – Episode 28: In this episode, we explore the ongoing challenges of threat actor naming in cybersecurity and the confusion caused by […]
securityconversations.com
January 4, 2025 at 8:51 PM
Three Buddy Problem Episode 28 - the first of 2025, is out! We discuss the US Treasury/BeyondTrust hack, APT group naming bad examples of bad examples, a new variant of the Xdr33 malware and exclusive new information on the Cyberhaven hack. securityconversations.com/episode/us-t...