Ep8: Microsoft's zero-days and a wormable Windows TCP/IP flaw known to China
Description
Three Buddy Problem - Episode 8: This week’s show digs into Microsoft’s in-the-wild zero-day woes, Patch Tuesday and the absence of IOCs, a wormable Windows TCP/IP flaw that the Chinese government knew about for months, Iran’s aggressive hacking of US election targets, CrowdStrike v Qihoo360 and major problems with APT naming conventions.

Hosts: Costin Raiu (Art of Noh), Juan Andres Guerrero-Saade (SentinelLabs), Ryan Naraine (SecurityWeek)

Links:
Episode 8 Transcript
Six Windows Zero-Days Being Actively Exploited
CVE-2024-38063 - Windows Ping of Death
Wormable TCP/IP flaw known to China — Chinese researcher Xiao Wei of Cyber KunLun said he discovered the vulnerability “several months ago.”
Google TAG: Iran steps hacking against Israel, U.S.
Microsoft report on Iran election hacking
Qihoo claims CrowdStrike bug exploitable
CrowdStrike root cause analysis
LABScon - Speakers 2024
More Episodes
Three Buddy Problem - Episode 22: We discuss Volexity’s presentation on Russian APT operators hacking Wi-Fi networks in “nearest neighbor attacks,” the Chinese surveillance state and its impact on global security, the NSA's strange call for better data sharing on Salt Typhoon intrusions, and the...
Published 11/22/24
Three Buddy Problem - Episode 21: We dig into an incredible government report on Iranian hacking group Emennet Pasargad and tradecraft during the Israel/Hamas war, why Predatory Sparrow could have been aimed at deterrence in cyber, and the FBI/CISA public confirmation of the mysterious Salt...
Published 11/15/24