Inside the Turla Playbook: Hijacking APTs and fourth-party espionage

Three Buddy Problem - Episode 24: In this episode, we did into Lumen/Microsoft’s revelations on Russia's Turla APT stealing from a Pakistani APT, and issues around fourth-party espionage and problems with threat actor attribution. We also discuss Citizen Lab’s findings on Monokle-like spyware implanted by Russian authorities, the slow pace of Salt Typhoon disinfection, the Solana web3.js supply chain attack affecting crypto projects, and the Romanian election crisis over Russian interference via TikTok. Cast: Juan Andres Guerrero-Saade, Costin Raiuand Ryan Naraine.Links:Transcript (unedited, AI-generated)Russian APT Turla Caught Stealing From Pakistani APTSnowblind: The Invisible Hand of Secret BlizzardMicrosoft: Secret Blizzard compromising Storm-0156 infrastructure for espionage | Microsoft Security BlogEpicTurla.comDevice Confiscated by Russian Authorities Returned with Monokle-Type SpywareLookout Security research paper on Monokle spywareParubets: How a programmer foiled his own FSB recruitmentCISA/FBI guidance to repel Salt TyphoonUS officials say they still have not expelled Chinese telco hackersSolana backdoored in supply chain hackRomania's top court annuls first round of presidential vote won by far-right candidate